Javascript exploit actively used against TorBrowser NOW. It consists of one HTML and one CSS file, both pasted below and also de-obscured. The exact functionality is unknown but it’s getting access to “VirtualAlloc” in “kernel32.dll” and goes from there. I had to break the “thecode” line in two in order to post, remove’+’in the middle to restore it. Please fix ASAP. The exploit is currently being actively used by TorBrowser.”]
Source: https://lists.torproject.org/pipermail/tor-talk/2016-November/042639.html