Security News > 2020 > April > Mozilla Patches Two Firefox Vulnerabilities Exploited in Attacks
2020-04-06 08:46
Mozilla has released updates for its Firefox web browser to patch two critical use-after-free vulnerabilities that have been exploited in attacks.
Both flaws have been addressed with the release of Firefox 74.0.1 and Firefox ESR 68.6.1.
Mozilla has credited researchers Francisco Alonso and Javier Marcos for reporting the vulnerabilities.
The U.S. Cybersecurity and Infrastructure Security Agency has advised users to update Firefox as soon as possible.
This is not the first round of zero-days fixed by Mozilla this year in Firefox.
News URL
Related news
- Mozilla Updates Firefox Terms Again After Backlash Over Broad Data License Language (source)
- Mozilla Revises Firefox Terms of Use After Inflaming Users Over Data Usage (source)
- Over 400 IPs Exploiting Multiple SSRF Vulnerabilities in Coordinated Cyber Attack (source)
- Mozilla warns users to update Firefox before certificate expires (source)
- GitHub Uncovers New ruby-saml Vulnerabilities Allowing Account Takeover Attacks (source)
- Ongoing Cyber Attacks Exploit Critical Vulnerabilities in Cisco Smart Licensing Utility (source)
- Mozilla warns Windows users of critical Firefox sandbox escape flaw (source)
- Mozilla Patches Critical Firefox Bug Similar to Chrome’s Recent Zero-Day Vulnerability (source)