https://www.zdnet.com/article/malicious ... ed-to-fix/
For the past few years, malware authors, ad farmers, and scammers have been abusing this bug to lure users on sites where they show all sorts of nasties, such as tech support scams, ad farms that reload the page with new ads in a loop, pages that push users to buy fake gift cards, or sites that offer malware-laced software updates.
Despite being reported over and over again for seven other times [1, 2, 3, 4, 5, 6, 7], this issue has gone unfixed, for unknown reasons, and crooks have gladly abused it all this time.
The latest example of abuse comes from a user who reported the issue once again today, after landing on one of these shady sites that tried to force him into installing a suspicious Firefox extension.
"At first, it is opened full screen mode. With some fake Windows dialog (I am using Linux so I know it is fake)," the user said. "It tried to [force] me install their extensions."
"Then I press ESC to exit full screen. I click the close button of tab or window, but it doesn't work because it has this login dialog. I click close button of the login dialog or cancel button. Then the dialog will appear again. I click the 'Don't allow' button of extension installation pop over, but it seems not clickable. I killed the Firefox process, which is the only solution for me."
Malicious sites abuse 11-year-old Firefox bug
For discussions about security.
Message
Author
Jump to
- House Training
- ↳ Beginners Help ( Start Here)
- ↳ Users ( For the regulars )
- ↳ Für deutschsprachige Anhänger
- ↳ Pour les francophones
- ↳ Usuarios de habla Hispana
- ↳ HOWTO ( Solutions )
- ↳ Bugs ( Submit bugs )
- Advanced Topics
- ↳ Additional Software (PETs, n' stuff)
- ↳ Package Collections / Repositories
- ↳ REQUESTS
- ↳ Browsers and Internet
- ↳ Business
- ↳ Compiling
- ↳ Desktop
- ↳ Documents
- ↳ Drivers
- ↳ Educational
- ↳ Engineering/Science/Simulation
- ↳ Eye Candy
- ↳ Filesystem
- ↳ Games
- ↳ Graphics
- ↳ Multimedia
- ↳ Network
- ↳ Security/Privacy
- ↳ System
- ↳ Utilities
- ↳ Virtualization
- ↳ Unsorted
- ↳ Cutting edge
- ↳ Multi-session live-CD/DVD
- ↳ Hardware
- ↳ Audio
- ↳ Networking
- ↳ Dialup
- ↳ Ethernet
- ↳ Wireless
- ↳ Printers
- ↳ Video
- ↳ Puppy Derivatives
- ↳ Puppy Projects
- ↳ Next Puppy Development
- ↳ 4.x
- ↳ Bugs (4.x dev)
- ↳ Usability Issues (4.x dev)
- ↳ 5.x
- ↳ Bugs (5.x dev)
- ↳ Usability Issues (5.x dev)
- ↳ Localization Project
- ↳ Documentation Project
- Taking the Puppy out for a walk
- ↳ Announcements
- ↳ Puppy Power
- ↳ Suggestions
- ↳ Misc
- Off-Topic Area
- ↳ Programming
- ↳ Security
- ↳ Truly off-topic conversations
- ↳ Spam reports