Tails, well-known Linux distribution, has asked its users not to use the Tor Browser included with the operating system after detecting a critical prototype contamination vulnerability. Tor Browser is an open-source modification of Firefox, focusing on users’ privacy.
The developers of Tails have asked users not to start this browser while working with confidential information. The successful exploitation of the flaw would allow bypassing the security mechanisms in the distribution, leaving potentially critical information exposed.
“The vulnerability allows a malicious website to bypass some of the security built into Tor Browser and access information from other websites. For example, after visiting a malicious website, an attacker could access passwords and other sensitive records sent to other websites during the same Tails session,” the report said.
There are no patches available, although the developers have already confirmed the release of the corrected version, Tails 5.1, scheduled for May 31. Meanwhile, the Tails community will be able to use the browser-independent version on Windows, Linux, and macOS systems.
Feel free to access the International Institute of Cyber Security (IICS) websites to learn more about information security risks, malware variants, vulnerabilities, and information technologies.