The Tor Project released Tor Browser 9.0.7 with critical bug fix.
However, users have noted that the NoScript 11.0.17 update that automatically applied to all users didn't fully mitigate the issue.
This, again, could have led to some users' information being accidentally leaked and potentially deanonymizing them.
This particular bug is patched using Tor Browser 9.0.7.
With the version, the team at the Tor Project finally introduces a permanent fix for the issue.
According to the Tor Project on the announcement:
Time to update: There's a new version of Tor Browser out now.
Tor Browser 9.0.7 updates Tor to 0.4.2.7 and NoScript to 11.0.19.
— The Tor Project (@torproject) March 24, 2020
The Tor Browser is designed by privacy-preserving features that also masks real IP addresses to keep users anonymous online.
This is why the browser is often used by journalists, political activities, dissidents in oppressive countries, and others that also include cyber criminals, as a way to evade firewalls, online censorship and in order to talk without having to be afraid of regulations.
With their IP unveiled, hackers can use the information for fingerprinting or to unveil their true location.
The version also bumps HTTPS Everywhere extension to version 2020.3.16.
To make use of the patch, users should restore the previous behavior urged by Tor