Firefox needs an urgent firefix!
If you're a Firefox user, now is the time to update your browser. A zero-day vulnerability has been discovered which is being actively exploited in targeted attacks.
The security hole was revealed via Google's Project Zero, and it affects ALL versions of Firefox. In short, if you have not updated to Firefox 67.0.3 or Firefox ESR 60.7.1, you need to do so right now.
- Security software is causing Firefox users to lose saved passwords
- Firefox unveils new-look logo and introduces new parent brand
- Mozilla promises to delete private data collected by Firefox fix and apologizes for add-on outage
Mozilla describes the vulnerability as "critical" and it has been labelled CVE-2019-11707. Aside from saying that the security issue is being actively exploited, Mozilla is currently being (understandably) sparing with details.
In a security advisory, Mozilla warns about "type confusion in Array.pop":
All you need to do is ensure that you have the latest version of Firefox installed by checking for updates.