Security News > 2020 > April > Two critical Firefox vulnerabilities exploited by attackers, patch now!
2020-04-06 10:09
Mozilla has released critical security updates for Firefox and Firefox ESR on Friday, patching two vulnerabilities that are being actively exploited by attackers.
Update ASAP. Home users and enterprise admins are advised to implement the provided updates as soon as possible.
I would also urge home users to think about making Firefox update itself every time a new update is made available, as recommended by Mozilla.
If you generally don't think twice about installing offered updates, the "Automatically install updates" option might be the right thing for you.
The last actively exploited Firefox zero-day vulnerability before these was patched in January 2020.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/m7897YxZfy8/
Related news
- Patch Tuesday: Four Critical Vulnerabilities Paved Over (source)
- Week in review: Critical Zimbra RCE vulnerability exploited, Patch Tuesday forecast (source)
- Qualcomm Urges OEMs to Patch Critical DSP and WLAN Flaws Amid Active Exploits (source)
- Zero-Day Alert: Three Critical Ivanti CSA Vulnerabilities Actively Exploited (source)
- Patch Tuesday: Internet Explorer Vulnerabilities Still Pose a Problem (source)
- Mozilla patches critical Firefox vuln that attackers are already exploiting (source)
- VMware fixes bad patch for critical vCenter Server RCE flaw (source)
- Synology Urges Patch for Critical Zero-Click RCE Flaw Affecting Millions of NAS Devices (source)
- Cisco Releases Patch for Critical URWB Vulnerability in Industrial Wireless Systems (source)
- HPE Issues Critical Security Patches for Aruba Access Point Vulnerabilities (source)