Security Advisory: Firefox exploit found in the wild


You are advices to set configure the following setting in Tor Browser in Whonix:

Edit → Preferences → Applications ->Portable Document Format (PDF) → Save File

You are advices to update as soon as updates are available. This blog post will be updated as new information come in.

(Do that same with Firefox / Iceweasel if you are using that elsewhere.)

Problem description at Mozilla Firefox blog:

Impact in Whonix:

– Unless you were using AppArmor, local files within the VM would be accessible.

Vulnerable browsers:

Tor Browser

– Firefox

– Iceweasel

Tor Browser upstream Bug report:

Whonix forum discussion:,1495.0.html