In the ongoing saga of NSA spying, it appears that not even the darknet is safe. Today, reports came in that an exploit has been discovered in the Tor version of Firefox 17 that comes packaged with the Tor browser bundle. An exploit in the browser's code allowed malware to be injected into the system which then beamed the machine's hostname and MAC address back to a remote server in Reston, Virginia.
The vulnerability is only present in the Windows version of the Firefox Extended Support Release 17 browser that was bundled with the Tor Browser Bundle before June of this year. Because automatic updating is turned off in this version, anyone who downloaded the Tor Browser Bundle before June is susceptible to the spying. Tor recommends that users download the new version of the Browser Bundle to stay secure.