Firefox needs an urgent firefix!

Firefox logo 2019

If you're a Firefox user, now is the time to update your browser. A zero-day vulnerability has been discovered which is being actively exploited in targeted attacks.

The security hole was revealed via Google's Project Zero, and it affects ALL versions of Firefox. In short, if you have not updated to Firefox 67.0.3 or Firefox ESR 60.7.1, you need to do so right now.

See also:

Mozilla describes the vulnerability as "critical" and it has been labelled CVE-2019-11707. Aside from saying that the security issue is being actively exploited, Mozilla is currently being (understandably) sparing with details.

In a security advisory, Mozilla warns about "type confusion in Array.pop":

A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. This can allow for an exploitable crash. We are aware of targeted attacks in the wild abusing this flaw.

All you need to do is ensure that you have the latest version of Firefox installed by checking for updates.

© 1998-2019 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.