Pierluigi Paganini
March 14, 2020
The Tor Project announced a major bug in the Tor browser that may cause the execution of JavaScript code on sites for which users have specifically blocked JavaScript.
The development team at the Tor Project announced that it is already working on a fix, but at the time it is not clear when it will be rolled out.
The feature that
Such kind of scripts was also employed in investigations conducted by law enforcement, in 2013, the FBI admitted attack against the Freedom Hosting, probably the most popular Tor hidden service operator company at the time.
This week, the Tor Project released the Tor Browser version 9.0.6 that features important security updates to Firefox.
The maintainers of the Tor Project announced that they have discovered a bug in TBB’s security options. The bug causes the execution of JavaScript code even when the browser was set up to use the highest security level, the
“We are aware of a bug that allows javascript execution on the Safest security level (in some situations).” reads the post published by the Tor team. “We are working on a fix for this. If you require that javascript is blocked, then you may completely disable it by:
The Tor team confirmed that Noscript 11.0.17 should solve this issue and that the issue is automatically updated by default.
“Automatic updates of Noscript are enabled by default, so you should get this fix automatically.”
| [adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – hacking, Tor Browser)
[adrotate banner=”5″]
[adrotate banner=”13″]
