Firefox is experiencing a critical security vulnerability
Mozilla has sent an emergency patch to Firefox on all platforms to fix a critical 0day vulnerability that hackers have exploited in real attacks.
The US Cyber Security and Infrastructure Agency (CISA) issued an alert urging users and system administrators to review Mozilla's security tips, and to implement and implement the necessary updates.
Mozilla Firefox 67.0.3 and Firefox ESR 60.7.1 were released to correct the highly exploitable and dangerous vulnerability in its Web browser, discovered by Samuel Groß, security researcher at Google's Project Zero.
Mozilla said Firefox developers were aware of attacks that misused the bug, which could allow attackers who exploit this vulnerability to take control of affected systems.
This vulnerability allows attackers to remotely execute arbitrary code on machines that use infected Firefox versions, and to take full control of them.
Topics related to what you read now:
The vulnerability, called CVE-2019-11707, affects all currently supported browser versions, and anyone who uses Firefox on their desktop (Windows; Mac; and Linux), but does not affect browser users on Android systems; ; And Amazon Fire TV.
It is assumed that Firefox versions 57 to 66 are also at risk, although it is not yet clear that version 56 and older versions – which use technologies different from current browser browser technologies – are also affected.
Mozilla advises users to make sure they are using the latest version, without providing any further details about the security flaw or ongoing attacks, but the vulnerability appears to have been used in attacks targeting owners of encrypted digital currencies.
Critical security vulnerabilities (0day) are very rare within Firefox, and the Mozilla team last released a patch for Firefox to avoid such vulnerabilities in December 2016.
The gap was exploited at the time to eliminate user privacy and data collection of Tor users, including IP addresses; MAC addresses; and host names.
ليست هناك تعليقات