Home > Cyber News > Tor Browser Zero-Day Vulnerability Revealed: Patch Immediately!
CYBER NEWS

Tor Browser Zero-Day Vulnerability Revealed: Patch Immediately!

Zerodium recently reported the discovery of a new zero-day exploit in Tor browser. The same exploit vendor earlier this year offered $1 million for submitting such an exploit for Tor browser. The new Tor zero-day could reveal the identity of the websites visited by the user.




Zerodium Reveals Tor Browser Zero-Day in a Tweet

Тhe exploit vendor reported the flaw and gave instructions on how it can be reproduced in a tweet posted on Monday. It appears that the recently released Tor Browser 8 is not affected by the zero-day:

Advisory: Tor Browser 7.x has a serious vuln/bugdoor leading to full bypass of Tor / NoScript ‘Safest’ security level (supposed to block all JS). PoC: Set the Content-Type of your html/js page to “text/html;/json” and enjoy full JS pwnage. Newly released Tor 8.x is not affected.

As visible by the tweet, the exploit is about a vulnerability in the Tor browser but in fact it impacts NoScript. NoScript is a well-known Firefox extension which guards users from malicious scripts by allowing JavaScript, Java, and Flash plugins to be executed only on trusted websites. It should be noted that the Tor Browser is based on Firefox’s code, thus it includes NoScript by default.

Zerodium says that NoScript versions 5.0.4 to 5.1.8.6 can be bypasses to run any JS file by altering its content-type header to JSON format. This can happen even when the “Safest” security level is enabled. This means that a website can take advantage of this zero-day to execute malicious JavaScript on Tor browser and to obtain the real IP address of the victim.

Fortunately, the latest version of Tor is not affected by this vulnerability, simply because the NoScript plugin for the Quantum version of Firefox is based upon a different API format. However, users running Tor 7.x are urged to update the browser as soon as possible to the latest release to avoid any compromise.

Finally, NoScript was notified about the issue and fixed the flaw with the release of NoScript “Classic” version 5.1.8.7.

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim

More Posts

Follow Me:
Twitter

Leave a Comment

Your email address will not be published. Required fields are marked *

This website uses cookies to improve user experience. By using our website you consent to all cookies in accordance with our Privacy Policy.
I Agree