Your system may not meet the requirements for Firefox, but you can try one of these versions:

Your system doesn't meet the requirements to run Firefox.

Your system doesn't meet the requirements to run Firefox.

Please follow these instructions to install Firefox.

Firefox Privacy Notice

Mozilla Foundation Security Advisory 2016-55

File overwrite and privilege escalation through Mozilla Windows updater

Announced
June 7, 2016
Reporter
Frédéric Hoguin
Impact
High
Products
Firefox, Firefox ESR
Fixed in
  • Firefox 47
  • Firefox ESR 45.2

Description

Security researcher Frédéric Hoguin reported a mechanism where the Mozilla Windows updater could be used to overwrite arbitrary files. He found that files extracted by the updater from a MAR archive are not locked for writing and can be overwritten by other processes while the updater is running. A malicious local program could invoke the updater and then interfere with the extracted files, replacing them with its own. This vulnerability could be used for privilege escalation if these overwritten files were later invoked by other Windows components that had higher privileges.

This issue does not affect non-Windows operating systems.

References