A newly discovered browser bug can crash Firefox browsers on Linux, Mac and Windows.
Discovered by Sabri Haddouche, the new Firefox bug forces the browser to show its classic Crash Reporter popup.
Sabri is a security researcher at Wire, who likes to hunt bugs in his leisure. He recently also discovered bugs in Safari and Chrome browsers. The Safari bug could crash WebKit-based applications on iPhones, iPads, and Macs.
The Firefox bug can be more dangerous for Windows users. Along with crashing the browser, it can also freeze the entire operating system. If the OS freezes, users would need to perform a hard reboot, which means that they will need to restart the computer manually, physically, or using any other methods other than restarting from OS controls.
In an interview, Sabri told ZDNet, “What happens is that the script generates a file (a blob) that contains an extremely long filename and prompts the user to download it everyone millisecond.”
“It, therefore, floods the IPC (Inter-Process Communication) channel between Firefox’s child and main process, making the browser at the very least freeze.”
ZDNet found the bug working against Firefox’s latest stable release, as well as the Firefox Developer and Nightly Editions. Firefox for Android is unaffected by the bug.
Mozilla recently released the latest version of Firefox (62.0.2) to fix 13 bugs. Sabri has informed Mozilla about the new bug. Mozilla has added the bug to its bug tracking platform. Users can keep themselves updated about the bug or fixes at Bugzilla.
Image source: Sabri Haddouche
