https://lists.torproject.org/pipermail/tor-talk/2016-November/042639.html
This is an Javascript exploit actively used against TorBrowser NOW. It consists of one HTML and one CSS file, both pasted below and also de-obscured. The exact functionality is unknown but it's getting access to "VirtualAlloc" in "kernel32.dll" and goes from there. Please fix ASAP.
The exploit was confirmed by the Mozilla Security Team
I pointed some folks on irc to this mail, and Daniel Veditz (Mozilla Security Team) said "the Firefox team was sent a copy of that this morning. We've found the bug being used and are working on a patch."
As this particular exploit relies on javascript, turning it off completely for all sites using noscript should provide protection. Do this ASAP, now that the 0day has been exposed whoever is using it may start throwing it around widely before it gets patched.
always turn off javascript, every single serious tor flaw ive ever seen used java as a exploit