Mozilla’s Firefox has been slowly losing market share since its peak in mid-2009. Prior to the establishment of Google’s Chrome, Firefox was the only real alternative to the much despised Internet Explorer.
Its market share has been radically reduced by the advent of the mobile internet with consumers choosing to rely on default browsers, Apple’s Safari and the ever-present Google Chrome.
Firefox suffered yet another setback yesterday when, in an unprecedented move, Mozilla pulled the latest release.
Pushed live on Tuesday, Firefox 16 — the latest version of the decreasingly popular browser — contained a fundamental security flaw. It was discovered within 24 hours that the latest release potentially allowed a malicious site to detect and record your browsing history, with full access to URLs and their parameters.
According to a blog post published late last night by Michael Coates, Director of Security Assurance for Mozilla “[they] have no indication that this vulnerability is currently being exploited in the wild”.
Despite this assurance the issue is more than the usual new release teething problems, as browser manufacturers rarely go to the lengths of withdrawing a new release, typically leaving a buggy product live and patching it as required (as was the case with Firefox 9). Currently, users attempting to download Firefox will be presented with version 15.0.1
Mozilla are expecting to release an update some time later today (Thursday 11th) that will correct the issue. At which point Firefox 16 (version 16.0.1) is expected to be made live again. If you’re concerned that you’ve been affected the advice is to re-download Firefox 15.0.1 until the problem is resolved.
It’s not clear what caused this issue, whether it is a by-product of Mozilla’s rapid release program, or whether it’s the result of patches in the browser designed to address other problems.
As I write this, Firefox 16.0.1 is probably already being prepped for launch. The damage to Mozilla’s reputation will take longer to patch up.
Update: as promised by Mozilla the Firefox 16.0.1 update is now available from mozilla.org/en-US/firefox/new
Have you lost faith in Mozilla as a result of this bug, or does the rapid response increase your confidence in Firefox? Let us know in the comments.
Thumbnail includes ring of fire image via Shutterstock.