Mozilla urges Firefox users to update their web browser to fix critical vulnerabilityhttps://indianexpress.com/article/technology/tech-news-technology/mozilla-urges-firefox-users-to-update-their-web-browser-to-fix-critical-vulnerability-5788506/

Mozilla urges Firefox users to update their web browser to fix critical vulnerability

Mozilla has issued warning to Firefox users and urged them to update their web browsers to address a critical security vulnerability.

Mozilla has urged Firefox users to update their web browser to address critical security vulnerabilities. (Image source: Reuters)

Mozilla, the maker of Firefox web browser, has issued a warning to its users and asked them to update their web browser after the company rolled out an advisory briefing about a critical vulnerability. The advisory was issued on Tuesday (June 18) and it provides information about the security vulnerabilities that have been fixed in Firefox 67.0.3 and Firefox ESR 60.7.1.

As per the description provided in the advisory, “A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. This can allow for an exploitable crash.”

The Mozilla post further read “We are aware of targeted attacks in the wild abusing this flaw.” The company has marked the update as ‘critical’. Apart from this small description, there are no details about this security flaw or the systems which have been affected by this so far. According to reports, the bug is critical since it allows outside users to remotely execute code on your machine without your permission.

The bug was reported by Samuel Groß, who is reportedly a security researcher with Google Project Zero and Coinbase Security.

Advertising

The vulnerability is of a high magnitude so much so that even the US-Computer Emergency Readiness Team (US-CERT) has issued an advisory in this regard.

According to US-CERT advisory, an attacker can exploit the vulnerability to take control of an affected system. “This vulnerability was detected in exploits in the wild.” the advisory read.

Also read: Mozilla rolls out fix after Firefox users report problems with add-ons, extensions

“The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Mozilla Security Advisory for Firefox 67.0.3 and Firefox ESR 60.7.1 and apply the necessary updates.” the US-CERT said in its advisory.