May 13, 2024

Tor is one of the biggest open-source software, its networks have virtual tunnels that generally enable people and different groups to enhance their privacy and security on the Internet.

Tor has released its Tor Browser 10.0.18, and the main motive of this release is to fix all the countless bugs, which also include a vulnerability that enables different websites to keep track of their users by fingerprinting the installed application. Thousands of relays conceal user location and there usage

Scheme flooding is a vulnerability, that uses different custom URL schemes as an attack vector. This vulnerability generally enables the actors to identify that which applications have been installed by the users.Main motive of doing this is want to assign a permanent unique identifier in the user’s computer so that they can use the system even if the users switch browsers just by using incognito mode or a VPN.

This exploit generally helps the hackers to track down the usage of users’ browsers like Google Chrome, Safari, even the Tor browser as well.

Thorough Changelog

The experts have mentioned a full changelog for Tor 10.0.18, which is given below:-

All Platforms

  • Update Tor to 0.4.5.9

Android

  • Update Fenix to 89.1.1
  • Update NoScript to 11.2.8
  • Bug 40055: Rebase android-components patches on 75.0.22 for Fenix 89
  • Bug 40165: Announce v2 onion service deprecation on about:tor
  • Bug 40166: Hide “Normal” tab (again) and Sync tab in TabTray
  • Bug 40167: Hide “Save to Collection” in menu
  • Bug 40169: Rebase fenix patches to fenix v89.1.1
  • Bug 40170: Error building tor-browser-89.1.1-10.5-1
  • Bug 40432: Prevent probing installed applications
  • Bug 40470: Rebase 10.0 patches onto 89.0

Build System

  • Android
    • Bug 40290: Update components for mozilla89-based Fenix

This new version updates Tor to 0.4.5.9, and it consists of all the important security fixes. This also updates Firefox to 89.1.1, and NoScript to 11.2.8 and all this new version includes the important security updates to Firefox for Android.

Tags:

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

You may have missed

Joint CSA advisory on BlackBasta Ransomware

May 12, 2024

Ascension Healthcare was hit by a Cyber Attack

May 11, 2024

Dell Technologies suffers a data breach

May 11, 2024

Google Patches emergency Zeroday Vulnerability in Chrome-CVE-2024-4671

May 10, 2024

ZScaler investigates the data breach claim

May 9, 2024

Cato at RSA 2024 – Log4j Vulnerability is still most exploitable

May 8, 2024

Discover more from TheCyberThrone

Subscribe now to keep reading and get access to the full archive.

Continue reading