Update Firefox: Mozilla just patched three hijack-me holes and a bunch of other flaws

2020-06-04 02:28

Mozilla has emitted security updates for Firefox to address eight CVE-listed security flaws, five of them considered to be high-risk vulnerabilities.

Of the five high-risk flaws, three are confirmed to allow arbitrary code execution, which in the case of a web browser means that simply loading up a malicious page could lead to malware running on your machine.

As it turns out, all three of the code execution bugs were found in-house by Mozilla developers, rather than miscreants exploiting them in the wild, which is good news.

While Mozilla did not say it had specifically seen proof-of-concept code in circulation exploiting the bugs, it's pretty sure that with a bit of effort a miscreant could get a working exploit up and running from reading the source changes - so patch away.

Unnamed researchers with the security firm laid claim to a pair of remote code execution flaws that were privately disclosed to Zoom by the team, and patched last month.

News URL

https://go.theregister.com/feed/www.theregister.com/2020/06/04/firefox_77_security_fixes/

#firefox #mozilla

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Mozilla		29	13	629	582	266	1490

News URL

Related news

Related vendor