Skip to main content

Mozilla urges Firefox users to update browser immediately due to vulnerability

Image credit: TechRadar

Following the discovery of a zero-day vulnerability in its browser, Mozilla is urging Firefox users to immediately update to the latest version of its desktop app − that includes Firefox ESR, which is intended for use by system administrators who control desktop environments in schools, offices, governments and other organizations.

The bug, which is described as a 'type confusion vulnerability', has been given an impact level of 'critical', as it allows outside users to remotely execute code on your machine without your permission.

Make yourself invulnerable 

"A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. This can allow for an exploitable crash," says Mozilla on its security advisory page

Worryingly, the corporation also notes that there have already been instances of "targeted attacks in the wild abusing this flaw," which means you really should update to the fixed versions (Firefox 67.0.3 and Firefox ESR 60.7.1) as soon as possible. 

Thankfully, Mozilla has the ability to deploy patches and security updates automatically, meaning that in theory you should only have to restart Firefox in order to receive the fixed version.

Recently, Mozilla also rolled out new security tools for its Firefox browser which are intended to prevent two other pernicious security and privacy issues − fingerprinting and cryptojacking.

[Source: The Register]

Stephen Lambrechts

Stephen primarily covers phones and entertainment for TechRadar's Australian team, and has written professionally across the categories of tech, film, television and gaming for over a decade. He's obsessed with smartphones, televisions, and consuming all forms of media at the highest quality possible. He's also likely to talk a person’s ear off at the mere mention of Android, cats, retro sneaker releases or boutique Blu-ray labels.