Only a week after disclosing a new web code exploit that can cause an iPhone to crash, security researcher Sabri Haddouche (opens in new tab), has uncovered another browser bug that can force Firefox to crash on all three popular desktop operating systems – Mac, Linux and Windows – reports ZDNet (opens in new tab).
According to ZDNet, the bug not only crashes the browser on a Windows machine, it also occasionally freezes the entire operating system, requiring users to perform a hard reboot. Mobile platforms seem safe from the exploit, however, and tests performed by ZDNet have confirmed that Firefox on Android and iOS are not affected.
After #Mailsploit, releasing #BrowserReaper so you can kill your browser.More information: https://t.co/9Ls3AKps72September 23, 2018
In explaining how the exploit works, Haddouche told ZDNet that “the script generates a file (a blob) that contains an extremely long filename and prompts the user to download it every one millisecond”.
"It, therefore, floods the IPC (Inter-Process Communication) channel between Firefox's child and main process, making the browser at the very least freeze," he added.
Haddouche has notified Mozilla of the new exploit, which comes hot on the heels of the release of Firefox 62 – which itself contained 13 significant bug fixes. It's already been added to the internet company’s bug tracking platform and Firefox users can find out more about the progress on a fix there.