Security News > 2020 > April > Mozilla plugs two Firefox browser holes exploited in the wild by hackers to hijack victims' computers

Mozilla has released security updates for its Firefox browser in conjunction with a US Cybersecurity and Infrastructure Security Agency advisory warning that critical vulnerabilities in the browser are being actively exploited.
To address these flaws, Firefox was updated to version 74.0.1 and Firefox Extended Support Release - a slower evolving version for enterprises - was updated to 68.6.1.
Users can also check their version of Firefox via the Firefox -> About Firefox menu and manually initiate an update if one is available.
Because these bugs are considered critical, it's likely they could be exploited by malicious websites to run arbitrary code, such as malware or spyware, on the computers of visitors using vulnerable versions of Firefox.
Firefox recently slipped to third place in the browser popularity race, displaced by Microsoft Edge, which was replatformed last year onto the open source Chromium project.
News URL
https://go.theregister.co.uk/feed/www.theregister.co.uk/2020/04/06/mozilla_firefox_security_patches/
Related news
- Mozilla Updates Firefox Terms Again After Backlash Over Broad Data License Language (source)
- Mozilla Revises Firefox Terms of Use After Inflaming Users Over Data Usage (source)
- Mozilla warns users to update Firefox before certificate expires (source)
- Mozilla warns Windows users of critical Firefox sandbox escape flaw (source)
- Mozilla Patches Critical Firefox Bug Similar to Chrome’s Recent Zero-Day Vulnerability (source)
- Critical Firefox, Tor Browser sandbox escape flaw fixed (CVE-2025-2857) (source)