Mozilla has released a new version of the browser that solves the zero-day vulnerabilities discovered yesterday. Upgrade to Firefox 50.0.2 will automatically be made in the next 24 hours, but users who have disabled the option in the settings can download the browser from the official website. Tor Project also distributed an update to the Tor Browser the main target of the exploit circulating on the Net.
Since the exploit code has been published on the Tor Project mailing list, anyone can place it inside a web page and find out the IP address which should be hidden from the Tor network. Indeed, the vulnerability has already been exploited to identify users who have visited a website containing child pornography. The administrator has closed the main site, but left the online chat site. It is likely that the attack was carried out by the FBI, but there is no confirmation to that effect. A similar exploits could be used to target legitimate sites, such as those frequented by political dissidents.