Advisory: Tor 7.x bug leading to bypass anonymity

SicherheitA few days ago, in my German article Tor Browser 8.0 erschienen, I introduced the new version of the Tor browser. If you’re still using older versions of Tor 7.x, you should switch as soon as possible..


Advertising

Zerodium, a vendor that buys and sells exploits for software, has announced on Twitter that Tor 7.x is insecure. A bug allows a user’s choice of security level to be bypassed.

All browsers are probably affected by the JavaScript exploits under Tor 7.x. Only the new Tor 8.x version is not affected. The developer of the NoScript add-on developed and released an update (5.1.8.7) after ZDNet.com pointed out the facts in this article. neowin.net writes here that Zerodium sold the exploit months ago to another company that shares it with government organizations. So it means to update to Tor 8.x.


Advertising


This entry was posted in browser, Security, Update and tagged , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *