Security News > 2024 > March > Mozilla fixes two Firefox zero-day bugs exploited at Pwn2Own
Mozilla has released security updates to fix two zero-day vulnerabilities in the Firefox web browser exploited during the Pwn2Own Vancouver 2024 hacking competition.
Mozilla fixed the security flaws in Firefox 124.0.1 and Firefox ESR 115.9.1 to block potential remote code execution attacks targeting unpatched web browsers on desktop devices.
The two security vulnerabilities were patched only one day after Manfred Paul exploited and reported them at the Pwn2Own hacking contest.
After the Pwn2Own competition, vendors usually take their time to release patches as they have 90 days to push fixes until Trend Micro's Zero Day Initiative publicly discloses them.
Pwn2Own 2024 Vancouver ended on March 22 after security researchers earned $1,132,500 for 29 zero-day exploits and exploit chains demonstrated over the two days of the contest.
Apple fixes two new iOS zero-days exploited in attacks on iPhones.
News URL
Related news
- Mozilla fixes Firefox zero-day actively exploited in attacks (source)
- Firefox Zero-Day Under Attack: Update Your Browser Immediately (source)
- Mozilla patches critical Firefox vuln that attackers are already exploiting (source)
- Actively exploited Firefox zero-day fixed, update ASAP! (CVE-2024-9680) (source)
- Hackers exploit 52 zero-days on the first day of Pwn2Own Ireland (source)
- Over 70 zero-day flaws get hackers $1 million at Pwn2Own Ireland (source)
- QNAP fixes NAS backup software zero-day exploited at Pwn2Own (source)
- QNAP patches second zero-day exploited at Pwn2Own to get root (source)
- Synology hurries out patches for zero-days exploited at Pwn2Own (source)