Security News > 2024 > March > Mozilla fixes two Firefox zero-day bugs exploited at Pwn2Own
Mozilla has released security updates to fix two zero-day vulnerabilities in the Firefox web browser exploited during the Pwn2Own Vancouver 2024 hacking competition.
Mozilla fixed the security flaws in Firefox 124.0.1 and Firefox ESR 115.9.1 to block potential remote code execution attacks targeting unpatched web browsers on desktop devices.
The two security vulnerabilities were patched only one day after Manfred Paul exploited and reported them at the Pwn2Own hacking contest.
After the Pwn2Own competition, vendors usually take their time to release patches as they have 90 days to push fixes until Trend Micro's Zero Day Initiative publicly discloses them.
Pwn2Own 2024 Vancouver ended on March 22 after security researchers earned $1,132,500 for 29 zero-day exploits and exploit chains demonstrated over the two days of the contest.
Apple fixes two new iOS zero-days exploited in attacks on iPhones.
News URL
Related news
- QNAP fixes NAS backup software zero-day exploited at Pwn2Own (source)
- QNAP patches second zero-day exploited at Pwn2Own to get root (source)
- Synology hurries out patches for zero-days exploited at Pwn2Own (source)
- RomCom hackers chained Firefox and Windows zero-days to deliver backdoor (source)
- RomCom Exploits Zero-Day Firefox and Windows Flaws in Sophisticated Cyberattacks (source)
- Firefox and Windows zero-days exploited by Russian RomCom hackers (source)
- Mozilla really wants you to easily set Firefox as default Windows browser (source)
- Mozilla really wants you to set Firefox as default Windows browser (source)