If You Use Firefox, Update Your Browser Now As Mozilla Reports “critical” Bug In Current Version

Posted: Jun 19 2019, 1:37am CDT | by , in Technology News

If you use Firefox, update your browser now as Mozilla reports “critical” bug in current version
Photo by Negative Space on Pexels

A bug tagged as critical allows hackers to run attacker code and install software without having to interact with a user.

Mozilla Corp., which operates the Mozilla Firefox web browser, is urging users of the service to update to the latest version of the desktop software as soon as possible following the discovery of a critical bug.

The affected programs include the Firefox and the Firefox ESR (Extended Support Release), a version of the Firefox developed for system administrators of large corporations, government agencies and universities.

In a security advisory on its website, Mozilla classified the bug as having “critical” impact as it “can allow for an exploitable crash.” Under Mozilla’s security tags, a critical impact allows hackers to run attacker code and install software without having to interact with a user beyond normal browsing. It is the highest of Mozilla’s four impact keys.

Mozilla said it is already aware of targeted attacks abusing the vulnerability. The company added that the bug, described as a “type confusion vulnerability,” can occur when manipulating JavaScript objects due to issues in Array.pop. The bug was reported by Samuel Groß of Google Project Zero and Coinbase Security.

Firefox currently offers a bounty for bug finders, a program that has been ongoing since 2004. Under the move, Mozilla rewards users who identify and report security vulnerabilities in Firefox. The company is offering a $500 cash bounty for users reporting critical security bugs.

The tech company is urging users with Firefox 67.0.3 and Firefox ESR 60.7.1 to update their systems immediately.

The discovery of the latest vulnerability involving Firefox comes two weeks after Mozilla, in partnership with Disconnect, unveiled enhanced tracking protection, which allows the Firefox browser to block sites from tracking a user.

Less than a week ago, Mozilla also disclosed that it fixed security vulnerabilities in Mozilla Thunderbird, a free and open-source, cross-platform email client and news client. At least four reported vulnerabilities were recorded, of which three were classified as having “high” impact.

This story may contain affiliate links.


Find rare products online! Get the free Tracker App now.

Download the free Tracker app now to get in-stock alerts on Pomsies, Oculus Go, SNES Classic and more.

Latest News


The Author

<a href="/latest_stories/all/all/81" rel="author">Mandy Jean</a>
Mandy covers the latest news in Tech and Business.




comments powered by Disqus