Security News > 2020 > April > Two critical Firefox vulnerabilities exploited by attackers, patch now!
2020-04-06 10:09
Mozilla has released critical security updates for Firefox and Firefox ESR on Friday, patching two vulnerabilities that are being actively exploited by attackers.
Update ASAP. Home users and enterprise admins are advised to implement the provided updates as soon as possible.
I would also urge home users to think about making Firefox update itself every time a new update is made available, as recommended by Mozilla.
If you generally don't think twice about installing offered updates, the "Automatically install updates" option might be the right thing for you.
The last actively exploited Firefox zero-day vulnerability before these was patched in January 2020.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/m7897YxZfy8/
Related news
- Netgear warns users to patch critical WiFi router vulnerabilities (source)
- Rsync vulnerabilities allow remote code execution on servers, patch quickly! (source)
- SAP fixes critical vulnerabilities in NetWeaver application servers (source)
- Critical vulnerabilities remain unresolved due to prioritization gaps (source)
- Critical SimpleHelp vulnerabilities fixed, update your server instances! (source)
- SonicWall Urges Immediate Patch for Critical CVE-2025-23006 Flaw Amid Likely Exploitation (source)
- Patch now: Cisco fixes critical 9.9-rated, make-me-admin bug in Meeting Management (source)
- Zyxel CPE devices under attack via critical vulnerability without a patch (CVE-2024-40891) (source)
- Cisco Patches Critical ISE Vulnerabilities Enabling Root CmdExec and PrivEsc (source)