Files extracted during updates are not always read only

ID MFSA2014-16
Type mozilla
Reporter Mozilla Foundation
Modified 2014-03-18T00:00:00


Security researcher Ash reported an issue where the extracted files for updates to existing files are not read only during the update process. This allows for the potential replacement or modification of these files during the update process if a malicious application is present on the local system.