Just one day after rolling out the latest upgrade for general use, Mozilla has temporarily withdrawn Firefox version 16, due to a vulnerability that could allow a malicious site to track user surfing habits.
Updates are expected to be issued shortly, according to a blog post by Michael Coates, director of security assurance at Mozilla.
Firefox version 15 is unaffected, and many users had not yet taken the opportunity to install the new version.
"Firefox 16 has been temporarily removed from the current installer page and users will automatically be upgraded to the new version as soon as it becomes available," he wrote. "As a precaution, users can downgrade to version 15.0.1 by following these instructions. Alternatively, users can wait until our patches are issued and automatically applied to address the vulnerability."
Although the Mozilla blog post says there is no indication that the vulnerability is currently being exploited in the wild, Ars Technica reports that the attack code is now available online.
PUBLISHED OCT. 11, 2012