The Tor Project announced the release of an emergency update for Tor Browser 13.5.14, specifically targeting users on Windows 7, 8, and 8.1. This update is part of the ongoing legacy channel support for these older operating systems, providing crucial security patches to ensure the safety of Tor Browser users on these platforms.
Windows users on these systems are advised to update immediately to mitigate the security risks associated with the vulnerabilities addressed in this release.
Why Tor Browser 13.5.14 Matters
The Tor Browser 13.5.14 update includes vital security fixes, which were backported from Firefox 128.8.1 ESR (Extended Support Release). This update is important because it addresses a critical vulnerability in Firefox that could have severe implications for users.
The issue revolves around a flaw identified in Firefox’s sandboxing mechanisms, which could potentially allow attackers to escape the browser’s sandbox and execute arbitrary code. This vulnerability is tracked under CVE-2025-2857 and is related to an incorrect handle that could be exploited by a compromised child process, allowing it to gain access to higher privileges.
As mentioned in the Mozilla Foundation Security Advisory 2025-19, this vulnerability was actively exploited in the wild, making the update all the more urgent. The flaw was initially identified in the IPC (Inter-Process Communication) code of Firefox, which is crucial for the safe isolation of processes running within the browser. If this vulnerability were exploited, it could lead to dangerous scenarios, including a complete compromise of the affected system.
Who Needs This Update?
This emergency release, Tor Browser 13.5.14, is exclusively for Windows 7, 8, and 8.1 users. If you are using a different version of Windows or a different operating system, it is highly recommended to download the latest stable version of Tor Browser 14.0 or higher. This update is essential for those on older versions of Windows who may not have access to newer security patches through regular updates.
Changes in This Release
The Tor Browser 13.5.14 version includes the following key updates:
- Backporting of security fixes from Firefox 128.8.1 ESR, which addresses critical vulnerabilities.
- Bug fixes in the build system, ensuring better stability and security.
- Updates related to user experience and other optimizations for the browser interface.
The security vulnerabilities patched in this release are primarily focused on Windows-based systems, particularly around sandbox escapes, which can lead to severe security breaches if exploited. Other operating systems are not affected by this specific vulnerability.
What You Need to Know About Tor Browser 13 and 14 Updates
Tor Browser 13.5.14 is part of the legacy channel, which continues to support older versions of Windows. The release is a necessary measure to extend the lifespan of Tor Browser on these platforms, but users should upgrade to newer versions of Windows if possible. For those running up-to-date operating systems, Tor Browser 14.0 offers the latest features and security improvements.
The recent release of Tor Browser 13 marks a critical juncture in the software’s evolution, with regular updates ensuring the browser stays protected of security threats. The Tor Browser update process is straightforward and available for download from the official Tor Project website.
Conclusion
The Tor Browser 13.5.14 emergency release is a vital update for users on Windows 7, 8, and 8.1, addressing a critical vulnerability that could have serious security implications. Users are urged to update their browsers immediately to protect themselves from potential exploits.
Source: Read More