Firefox is experiencing a critical security vulnerability



[ad_1]

Mozilla has sent an emergency fix to the Firefox browser on all platforms to fix a critical 0 day vulnerability that hackers have exploited during actual attacks.

The United States Cyber ​​Security and Infrastructure Agency (CISA) has issued an alert inviting users and system administrators to review Mozilla's security tips, work on them, and implement the necessary updates.

Mozilla Firefox 67.0.3 and Firefox ESR 60.7.1 have been released to fix the highly exploitable and dangerous vulnerability of its web browser, discovered by Samuel Groß, security researcher for Google's security team, Project Zero.

Mozilla said that Firefox developers were aware of attacks that could misuse this vulnerability, which could allow attackers who exploit this vulnerability to gain control of the affected systems.

This vulnerability allows an attacker to arbitrarily execute arbitrary code on machines that use infected versions of Firefox and have full control over it.

Topics related to what you are reading now:

The vulnerability, named CVE-2019-11707, affects all browser versions currently supported and anyone using Firefox on the desktop (Windows, Mac, and Linux), but does not affect browser users on Android systems; Fire TV.

It is assumed that Firefox versions 57-66 are also exposed, although it is not yet clear whether versions 56 and earlier, which use technologies different from current browser copy technologies, are also affected.

Mozilla recommends that users make sure that they are using the latest version, without providing more details about the security vulnerability or ongoing attacks, but this vulnerability appears to have been exploited during attacks targeting encrypted currency owners.

Critical vulnerabilities of 0day security are very rare in Firefox, and the Mozilla team has released a fix for Firefox to prevent such vulnerabilities in December 2016.

This gap was exploited at the time to obscure the privacy and data collection of Tor users, including IP addresses, MAC addresses, and host names.

[ad_2]
Source link