Tor Browser Released Another Version With Patches Critical Vulnerability

Tor Browser
Tor Browser

[UPDATE] TOR Browser Released another update with its 8.5.3 Version on 21st June 2019.

This release includes an important security update in Firefox, a sandbox escape bug, which combined with additional vulnerabilities could result in executing arbitrary code on the user’s computer.

Download Tor Browser Latest version here


Tor Browser 8.5.2 is released for all platforms including Linux, Windows, Mac and Android and available to download.

Tor Browser is to Protect yourself against tracking, surveillance and censorship.

This release fixes a critical security update in Firefox. In addition the update NoScript to 10.6.3, fixing a few issues.

Users of the safer and safest security levels were not affected by this security issue.

Tor said in the blog,  “As part of our team is currently traveling to an event, we are unable to access our Android signing token, therefore the Android release is not yet available. We expect to be able to publish the Android release this weekend.”

“In the meantime, Android users should use the safer or safest security levels. The security level on Android can be changed by going in the menu on the right of the URL bar and selecting Security Settings.”

The full changelog are as follow-

Tor Browser 8.5.2 Changelog

  • For All platforms
  • Pick up fix for Mozilla’s bug 1544386
  • Update NoScript to 10.6.3
  • Bug 29904: NoScript blocks MP4 on higher security levels
  • Bug 30624+29043+29647: Prevent XSS protection from freezing the browser

Earlier Tor Browser 8.5.1 Version was released on 4th June For all platforms

  • Update Torbutton to 2.1.10
  •  Bug 30565: Sync nocertdb with privatebrowsing.autostart at startup
  •  Bug 30464: Add WebGL to safer descriptions
  •  Translations update
  •  Update NoScript to 10.6.2
  •  Bug 29969: Remove workaround for Mozilla’s bug 1532530
  •  Update HTTPS Everywhere to 2019.5.13
  •  Bug 30541: Disable WebGL readPixel() for web content
  •  Windows + OS X + Linux
  •  Bug 30560: Better match actual toolbar in onboarding toolbar graphic
  •  Bug 30571: Correct more information URL for security settings
  •  Android
  •  Bug 30635: Sync mobile default bridges list with desktop one
  •  Build System
  •  All platforms
  •  Bug 30480: Check that signed tag contains expected tag name

Tor patch comes after Firefox update. On 18th June , Firefox has patched critical security vulnerability

CVE-2019-11707: Type confusion in Array.pop

A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. This can allow for an exploitable crash. We are aware of targeted attacks in the wild abusing this flaw, reported by Samuel Groß of Google Project Zero, Coinbase Security.

For the latest update about Cyber and Infosec World, follow us on Twitter, Facebook, Telegram , Instagram and subscribe to our YouTube Channel

Leave a Reply
Related Posts