Security News > 2020 > April > Two critical Firefox vulnerabilities exploited by attackers, patch now!
Mozilla has released critical security updates for Firefox and Firefox ESR on Friday, patching two vulnerabilities that are being actively exploited by attackers.
Update ASAP. Home users and enterprise admins are advised to implement the provided updates as soon as possible.
I would also urge home users to think about making Firefox update itself every time a new update is made available, as recommended by Mozilla.
If you generally don't think twice about installing offered updates, the "Automatically install updates" option might be the right thing for you.
The last actively exploited Firefox zero-day vulnerability before these was patched in January 2020.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/m7897YxZfy8/
Related news
- You probably want to patch this critical GitHub Enterprise Server bug now (source)
- SonicWall Issues Critical Patch for Firewall Vulnerability Allowing Unauthorized Access (source)
- SonicWall Urges Users to Patch Critical Firewall Flaw Amid Possible Exploitation (source)
- Patch Tuesday for September 2024: Microsoft Catches Four Zero-Day Vulnerabilities (source)
- Ivanti fixes critical vulnerabilities in Endpoint Management (CVE-2024-29847) (source)
- Exploit code released for critical Ivanti RCE flaw, patch now (source)
- SolarWinds Issues Patch for Critical ARM Vulnerability Enabling RCE Attacks (source)
- Patch Issued for Critical VMware vCenter Flaw Allowing Remote Code Execution (source)
- Patch this critical Safeguard for Privileged Passwords auth bypass flaw (CVE-2024-45488) (source)
- Patch now: Critical Nvidia bug allows container escape, complete host takeover (source)