This article was published on October 11, 2012

After disclosing security hole in Firefox 16, Mozilla patches Android version first


After disclosing security hole in Firefox 16, Mozilla patches Android version first

Update: As promised, Mozilla releases updated Firefox 16 with security patch for Windows, Mac, and Linux

After pulling Firefox 16 earlier tonight due to a security hole, Mozilla has now released a patch for Android. You can get the latest version now from the official Google Play store.

The original announcement from Mozilla never specified that the Android version was affected by the aforementioned vulnerability, described by the company as a flaw that could allow a malicious site to potentially determine which websites users have visited by accessing URL parameters. Then again, the organization didn’t list any of the affected operating systems, and it has now become clear that all of them have vulnerable Firefox 16 flavors: Windows, Mac, Linux, and Android.

Since this is only for the security update, the official Firefox 16.0.1 for Android changelog is a short one: the vulnerability in question and “CM10 stability issues.” At the time of writing, only the Android version has been patched. Desktop users are still being advised to download Firefox 15.0.1 from mozilla.org/firefox.

Let’s recap the timeline of events. Firefox 16 was released on Monday and officially launched on Tuesday. On Wednesday (today), Mozilla revealed the latest version of its browser has a security hole, and confirmed Firefox 15 is safe to use.

Mozilla also said it has not seen any indication of the flaw being exploited in the wild but nevertheless pulled the Firefox 16 installer for Windows, Mac, and Linux. It then announced plans to release a patch at an undisclosed time on Thursday. The company also promised users would be automatically upgraded when the latest version is made available.

Given that the Android version was not pulled, I and many others simply assumed it was not affected. This turned out to be false, as the patch that just went live proves. Regardless, now we can return to waiting for the Windows, Mac, and Linux platforms to get Firefox 16.0.1 as well.

Update: As promised, Mozilla releases updated Firefox 16 with security patch for Windows, Mac, and Linux

Image credit: Lorenzo González

Get the TNW newsletter

Get the most important tech news in your inbox each week.

Also tagged with