A bug in the Firefox browser that can be used to bypass an alert for obfuscated URLs is unlikely to trick users, according to Mozilla.
The flaw was uncovered by Armorize Technologies researcher Aditya K. Sood, who warned it could be used by purveyors of malware to increase the chance of leading users to malicious sites.
“On performing analysis of various malware, a bug has been noticed in all version[s] of Firefox which fails to generate an alert when [an] obfuscated URL is being placed in IFrames,” Sood explained on 16 August in a blog post. “In certain cases, it can be used effectively in spreading malware and stealing sensitive information.”
Johnathan Nightingale, Mozilla’s director of Firefox development, however, said it was unlikely the bug could be effectively used by attackers to trick users. For this reason, Mozilla does not plan to issue a fix, according to the company’s Security Blog.
“The concern expressed in the bug is that a page could be constructed with an embedded IFrame that uses a confusing URL,” Nightingale said in a statement. “Most users don’t look at the HTML source of the pages they are loading, which is the only way you’d encounter this URL. We do not anticipate this bug would cause user confusion or deception. Firefox ships with built-in phishing and malware protection that warns users if they are attempting to visit a dangerous URL.”
Staff at Google question CEO Sundar Pichai over 'significant decline' in workforce morale amid ongoing…
Google's search domination to be challenged next week, with OpenAI reportedly set to announce its…
America reportedly set to announce next week import tariffs on strategic Chinese sectors, including electric…
AI-generated content such as video and images are going to be labelled by TikTok using…
Neuralink brain implant embedded in 29-year-old patient named Noland Arbaugh develops a fault, but is…
US agency seeks data from Tesla on Autopilot recall, amid reports US prosecutors are probing…