Mozilla pulls Firefox 16 over security concerns

Posted by Emma Woollacott

Just a day after its release, Firefox 16 has been pulled after the discovery of a serious security flaw.

The company says it is working on a fix, and hopes to ship updates today. It's already released a patch for Android versions of the browser, available here on the Google Play store.

Extra-cautious users can temporarily downgrade to version 15.0.1, here.

"The vulnerability could allow a malicious site to potentially determine which websites users have visited and have access to the URL or URL parameters," says Mozilla's director of security assurance Michael Coates on the company's security blog.  

"At this time we have no indication that this vulnerability is currently being exploited in the wild."

The new version of the browser was released earlier this week and was itself intended to address several security vulnerabilities. It came with 14 security advisories, eleven of which were rated as critical.

Users aren't impressed by the recall.

"I am very disappointed that Firefox builds that turn releases are not properly tested and have unprecedented stability, security, and reliablity issues ever since the beginning of this so called RapidRelease program," Matt Tobin of Binary Outcast comments to Firefox.

"If Mozilla is not up to the task of providing an end to end experience with a fast cycle of releases it should return to the tried and true method of releasing updated versions when they actually reach a specific standard for code and functionality."