Security News > 2025 > March > Mozilla Patches Critical Firefox Bug Similar to Chrome’s Recent Zero-Day Vulnerability
2025-03-28 05:44
Mozilla has released updates to address a critical security flaw impacting its Firefox browser for Windows, merely days after Google patched a similar flaw in Chrome that came under active exploitation as a zero-day. The security vulnerability, CVE-2025-2857, has been described as a case of an incorrect handle that could lead to a sandbox escape. "Following the recent Chrome sandbox escape (
News URL
https://thehackernews.com/2025/03/mozilla-patches-critical-firefox-bug.html
Related news
- Mozilla fixes Firefox zero-days exploited at hacking contest (source)
- Gladinet’s Triofox and CentreStack Under Active Exploitation via Critical RCE Vulnerability (source)
- Critical Apache Roller Vulnerability (CVSS 10.0) Enables Unauthorized Session Persistence (source)
- Critical Erlang/OTP SSH Vulnerability (CVSS 10.0) Allows Unauthenticated Code Execution (source)
- Critical Commvault RCE vulnerability fixed, PoC available (CVE-2025-34028) (source)
- Fortinet fixes critical zero-day exploited in FortiVoice attacks (source)
- New Chrome Vulnerability Enables Cross-Origin Data Leak via Loader Referrer Policy (source)
- CISA: Recently fixed Chrome vulnerability exploited in the wild (CVE-2025-4664) (source)
- Week in review: Microsoft patches 5 actively exploited 0-days, recently fixed Chrome vulnerability exploited (source)
- Firefox Patches 2 Zero-Days Exploited at Pwn2Own Berlin with $100K in Rewards (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-03-27 | CVE-2025-2857 | Unspecified vulnerability in Mozilla Firefox Following the recent Chrome sandbox escape (CVE-2025-2783), various Firefox developers identified a similar pattern in our IPC code. | 0.0 |