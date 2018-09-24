A DENIAL OF SERVICE (DoS) bug is causing Mozilla's Firefox to freeze and, in some cases, bork the entire operating system underneath it.

Uncovered by Sabri Haddouche, a software engineer and security researcher at encrypted instant messaging app Wire, the bug can cause Firefox to crash on all major desktop operating systems - Mac, Linux and Windows.

While on Mac and Windows the bug will cause Firefox's browser process to crash and throw-up its usual Crash Reporter popup, it can cause a lot more damage on Windows. As reported by ZDNet, the bug not only crashes the browser but "occasionally" freezes the entire OS, requiring Windows users to perform a hard reboot.

In explaining how the exploit works, Haddouche - who has reported the bug to Mozilla - told ZDNet that "the script generates a file (a blob) that contains an extremely long filename and prompts the user to download it every one millisecond".

"It, therefore, floods the IPC (Inter-Process Communication) channel between Firefox's child and main process, making the browser at the very least freeze," he added.

ZDNet, which carried out its own tests, found that the DoS bug worked against the latest Firefox stable release and also Firefox Developer and Nightly editions. Mozilla's iOS and Android apps, which use the WebKit engine as opposed to the firm's new Quantum engine, aren't affected by the exploit.

News of the bug comes just days after Mozilla released its much-hyped Firefox Reality browser, a "built from the ground up" version of Firefox Quantum designed specifically for those who want to browse the web with a chunk of plastic strapped to their face. µ