14 DAY TRIAL // Mozilla’s Firefox browser for Android devices has been found earlier this week to suffer from a severe security issue, which could result in the execution of malicious code on affected devices.
In short, the flaw can be exploited to force the browser to download malicious applications to a device, and also to install them. The video embedded above demoes this scenario.
However, it appears that the breach could be exploited differently as well, given that Firefox was designed to automatically attempt to open a downloaded file based on existing file associations.
This means that files containing malicious code could be opened without users’ knowledge of the fact. However, in order to become a victim of the exploit, users will need to navigate to a malicious site via Firefox for Android.
In related news, we should note that a new version of the Firefox Beta for Android app has been released for download, with no changelog attached. I doubt that it comes with a fix for this exploit, but it’s still a good idea to update.