Security News > 2020 > January > Critical Firefox 0-Day Under Active Attacks – Update Your Browser Now!
Attention! Are you using Firefox as your web browsing software on your Windows, Linux, or Mac systems?
If yes, you should immediately update your free and open-source Firefox web browser to the latest version available on Mozilla's website.
Why the urgency? Mozilla earlier today released Firefox 72.0.1 and Firefox ESR 68.4.1 versions to patch a critical zero-day vulnerability in its browsing software that an undisclosed group of hackers is actively exploiting in the wild.
Tracked as 'CVE-2019-17026,' the bug is a critical 'type confusion vulnerability' that resides in the IonMonkey just-in-time compiler of the Mozilla's JavaScript engine SpiderMonkey.
By default, automatically installs updates when they are available and activate a new version after a restart, you can always do a manual update using the built-in functionality by navigating to Menu > Help > About Mozilla Firefox.
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/DoAwkbwSvmA/firefox-cyberattack.html
Related news
- Critical Security Flaw in WhatsUp Gold Under Active Attack - Patch Now (source)
- 0.0.0.0 Day: 18-Year-Old Browser Vulnerability Impacts MacOS and Linux Devices (source)
- 18-year-old security flaw in Firefox and Chrome exploited in attacks (source)
- “0.0.0.0-Day” vulnerability affects Chrome, Safari and Firefox (source)
- CISA warns critical SolarWinds RCE bug is exploited in attacks (source)
- CISA Warns of Critical Jenkins Vulnerability Exploited in Ransomware Attacks (source)
- Critical Flaws in Traccar GPS System Expose Users to Remote Attacks (source)
- Ransomware attacks escalate as critical sectors struggle to keep up (source)
- Cisco Fixes Two Critical Flaws in Smart Licensing Utility to Prevent Remote Attacks (source)
- Russian military hackers linked to critical infrastructure attacks (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-02 | CVE-2019-17026 | Type Confusion vulnerability in multiple products Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion. | 8.8 |