I wonder if it is just me or has anyone else thought whether these vulnerabilities have already been used for a long time before being exposed? Secondly, in my estimation set one's browser to auto- update could protect a user from these security issues and it should always be left turned on. There are more vulnerabilities in browsers that are yet to be exposed than. We already know of and everyone has to take responsibility for their own security.
There are groups of bad actors of course who try and desperately look for Vulnerabilities as a 'day job' so they can find ways to Scam, Expose or what ever else. There are also Code readers who find vulnerabilities that were not found or mentioned before. There are even groups of people who are looking for Vulnerabilities so they could sell them for a hefty Price.
This can go a very long way. Imagine you were a Terrorist planning an attack and Tor was the Browser you were using every single day to research information. The CIA is suspecting you already, but you feel safe browsing Tor. There surely are departments in the C.I.A. with employees whose job is to particularly find Vulnerabilities in Tor well before they are found by Programmers working on Tor. This means you may be subjected to an attack of the C.I.A. while, in your own mind, thinking you are using Tor safely.
Now of course this can happen to any of us. There could be groups of people attacking me right now for all I know. This is a very long story to write anyway.
What I am wondering is. Was I safer during this Exploit as a Non Java Script user?