Mozilla Releases Emergency Patch for Firefox Due to Vulnerability Being Actively Abused
Mozilla has released an emergency patch for its Firefox browser due to a vulnerability that malicious parties are actively exploiting. The company recommends that users update to version 72.0.1 immediately.
Mozilla will alert users through an in-browser notification that they need to update immediately. The vulnerability is in the IonMonkey compiler, the company reports, which is a JavaScript JIT compiler. Incorrect alias information in the compiler can lead to ‘type confusion’. This allows an attacker to crash the browser and exploit that crash for an attack. There are no further details yet.
The bug is similar to CVE-2019-11707, which Mozilla fixed in version 67.0.3. The patch comes a day after the release of Firefox 72 and is necessary because Mozilla has seen that attackers are actively exploiting the vulnerability. It is unknown where and when that happened. In addition to Mozilla, the US Cybersecurity and Infrastructure Security Agency also recommends installing the updates as soon as possible, because the government organization has seen that criminals abuse the bug. You can update manually via the Help > About Firefox menu or via the download page. The corresponding ESR version of Firefox is 68.4.1.