Mozilla will fix weakness in certificates that also affected Tor

Mozilla officials say they’ll release a Firefox update on Tuesday that fixes the same cross-platform, malicious code-execution vulnerability patched Friday in the Tor browser. The vulnerability allows an attacker who has a man-in-the-middle position and is able to obtain a forged certificate to impersonate Mozilla servers, Tor officials warned in an advisory. From there, the attacker could deliver a malicious update for NoScript or...