Mozilla has temporarily removed Firefox 16 from the current installer page after it found a security vulnerability in the new version of its browser.
The vulnerability could allow a malicious site to potentially determine which websites users have visited and have access to the URL (uniform resource locator) or URL parameters, Michael Coates, director of security assurance at Mozilla said yesterday.
Mozilla does not however have any information that the vulnerability is currently being "exploited in the wild," he added. It is working on a fix and plans to ship updates today.
Firefox 16 has been temporarily removed from the current installer page and users will automatically be upgraded to the new version as soon as it becomes available, Coates said.
Firefox version 15 is unaffected, and as a precaution users can downgrade to version 15.0.1. Or they can wait until Mozilla's patches are issued and automatically applied to address the vulnerability, Coates said.
The new version of the browser was released earlier this week and addressed a number of security vulnerabilities, including some considered critical.
Firefox had a 20.08% share of desktop browsers in September, compared to 53.63% share for Internet Explorer and 18.86% for Chrome, according to web measurement company Net Applications.