Security News > 2020 > April > Two critical Firefox vulnerabilities exploited by attackers, patch now!
2020-04-06 10:09
Mozilla has released critical security updates for Firefox and Firefox ESR on Friday, patching two vulnerabilities that are being actively exploited by attackers.
Update ASAP. Home users and enterprise admins are advised to implement the provided updates as soon as possible.
I would also urge home users to think about making Firefox update itself every time a new update is made available, as recommended by Mozilla.
If you generally don't think twice about installing offered updates, the "Automatically install updates" option might be the right thing for you.
The last actively exploited Firefox zero-day vulnerability before these was patched in January 2020.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/m7897YxZfy8/
Related news
- Patch Tuesday: Four Critical Vulnerabilities Paved Over (source)
- Critical vulnerabilities persist in high-risk sectors (source)
- Critical 9.8-rated VMware vCenter RCE bug exploited after patch fumble (source)
- Apple Releases Urgent Updates to Patch Actively Exploited Zero-Day Vulnerabilities (source)
- CISA Urges Agencies to Patch Critical "Array Networks" Flaw Amid Active Attacks (source)
- Exploit released for critical WhatsUp Gold RCE flaw, patch now (source)
- Veeam Issues Patch for Critical RCE Vulnerability in Service Provider Console (source)
- Ivanti Issues Critical Security Updates for CSA and Connect Secure Vulnerabilities (source)
- BeyondTrust Issues Urgent Patch for Critical Vulnerability in PRA and RS Products (source)
- Patch Alert: Critical Apache Struts Flaw Found, Exploitation Attempts Detected (source)