1. 24
  1. 3

    The mozilla blog has some more info too. Most concerning to me is:

    … in all the user directories it can access it looks for .bash_history, .mysql_history, .pgsql_history, .ssh configuration files and keys …

    Guess I’ll be rotating SSH keys soon. The post also mentions that Windows and Linux users are vulnerable (but not OSX). I wonder if BSD is affected.

    1. 4

      It mentions that OSX is vulnerable, but that the found exploit didn’t target it:

      Mac users are not targeted by this particular exploit but would not be immune should someone create a different payload.

    2. 1

      It seems irresponsible that Firefox is so eager to tell me flash is vulnerable but doesn’t say a word when I open a PDF.