Security News > 2024 > March > Mozilla fixes two Firefox zero-day bugs exploited at Pwn2Own
Mozilla has released security updates to fix two zero-day vulnerabilities in the Firefox web browser exploited during the Pwn2Own Vancouver 2024 hacking competition.
Mozilla fixed the security flaws in Firefox 124.0.1 and Firefox ESR 115.9.1 to block potential remote code execution attacks targeting unpatched web browsers on desktop devices.
The two security vulnerabilities were patched only one day after Manfred Paul exploited and reported them at the Pwn2Own hacking contest.
After the Pwn2Own competition, vendors usually take their time to release patches as they have 90 days to push fixes until Trend Micro's Zero Day Initiative publicly discloses them.
Pwn2Own 2024 Vancouver ended on March 22 after security researchers earned $1,132,500 for 29 zero-day exploits and exploit chains demonstrated over the two days of the contest.
Apple fixes two new iOS zero-days exploited in attacks on iPhones.
News URL
Related news
- Mozilla Patches Critical Firefox Bug Similar to Chrome’s Recent Zero-Day Vulnerability (source)
- Mozilla Updates Firefox Terms Again After Backlash Over Broad Data License Language (source)
- Mozilla Revises Firefox Terms of Use After Inflaming Users Over Data Usage (source)
- Mozilla warns users to update Firefox before certificate expires (source)
- Mozilla warns Windows users of critical Firefox sandbox escape flaw (source)
- After Chrome patches zero-day used to target Russians, Firefox splats similar bug (source)