Security News
Users may have to upgrade twice to protect their browsers Mozilla has swiftly patched a pair of critical Firefox zero-days after a researcher debuted them at a Vancouver cybersec competition.…
Mozilla has released security updates to fix two zero-day vulnerabilities in the Firefox web browser exploited during the Pwn2Own Vancouver 2024 hacking competition. Mozilla fixed the security flaws in Firefox 124.0.1 and Firefox ESR 115.9.1 to block potential remote code execution attacks targeting unpatched web browsers on desktop devices.
Users of the Firefox browser for Android have been reporting that they are seeing a blank page when trying to load the main Google Search site. A report of the issue on GitHub confirms that the problem is reproducible on Firefox Mobile 121.0 for Android 13 and additional tests indicate the same behavior on Firfox Nightly 123 and all versions starting v65.
Google and Mozilla have patched a zero-day exploit in Chrome and Firefox, respectively. The zero-day exploit could leave users open to a heap buffer overflow, through which attackers could inject malicious code.
Zero-Day Security Vulnerability Found in Chrome, Firefox and Other Browsers Updates are now available to patch a Chrome vulnerability that would allow attackers to run malicious code. It's time to update Google Chrome, Mozilla's Firefox or Thunderbird, Microsoft Edge, the Brave browser or Tor Browser; web development news site StackDiary has reported a zero-day vulnerability in all six browsers that could allow threat actors to execute malicious code.
Mozilla on Tuesday released security updates to resolve a critical zero-day vulnerability in Firefox and Thunderbird that has been actively exploited in the wild, a day after Google released a fix for the issue in its Chrome browser. The shortcoming, assigned the identifier CVE-2023-4863, is a heap buffer overflow flaw in the WebP image format that could result in arbitrary code execution when processing a specially crafted image.
Mozilla released emergency security updates today to fix a critical zero-day vulnerability exploited in the wild, impacting its Firefox web browser and Thunderbird email client. "Opening a malicious WebP image could lead to a heap buffer overflow in the content process. We are aware of this issue being exploited in other products in the wild," Mozilla said in an advisory published on Tuesday.
Google has rushed out a fix for a vulnerability in its Chrome browser, noting that an exploit already exists in the wild. The search giant has followed Apple in hurriedly issuing an update in response to research from The Citizen Lab at The University of Toronto's Munk School.
The latest full new version of Firefox is out, marking the first of two "Monthly" upgrades you'll see this month. Firefox version upgrades happen every 28 days, rather than once a month, so whenever a release comes out early enough in the month, there will be a second upgrade squeezed in at the end.
As a consequence, this is the last version of Firefox that users on those operating systems will receive. From next month, if you're stuck with computers that can only run older, unsupported versions of Windows and macOS, you'll automatically be switched over to the Firefox ESR version.