Mozilla Patched Zero-Day Vulnerability With Firefox 72.0.1

in browser •  5 years ago 


Mozilla has recently released the Firefox 72 browser with numerous security updates. Other than better privacy features, Mozilla also patched multiple security bugs with the browser version. However, it seems they missed something for which they had to release another version. Now, Firefox 72.0.1 is also out with a patch for a zero-day flaw.

Zero-Day Firefox Vulnerability Under Active Exploit


Researchers from the Chinese cybersecurity firm Qihoo 360 discovered a zero-day vulnerability in the Firefox browser. The bug, upon exploit, could allow an attacker to execute code on the target device.

As described in Mozilla’s advisory, there existed a type confusion vulnerability in the browser. Regarding the flaw CVE-2019-17026, Mozilla stated,

Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion.
What’s more troublesome with the zero-day was that it was already under active exploitation. Mozilla also confirmed in their advisory,
We are aware of targeted attacks in the wild abusing this flaw.
No further information is presently available about how the perpetrators exploited this flaw in the wild.

Mozilla Patched The Flaw

Upon receiving the report regarding the zero-day, Mozilla worked on a fix for the flaw. Consequently, soon after they rolled out Firefox 72, they released Firefox 72.0.1 whilst including the fix for the zero-day.

According to ZDNet, the Qihoo 360 researchers also disclosed an accompanying actively exploited zero-day vulnerability in Internet Explorer. However, shortly after sharing the news via Twitter, they deleted their tweet. Hence, it’s a bit unclear if any such related vulnerability existed or still exists.

Let us know your thoughts in the comments.

Posted from my blog with SteemPress : https://latesthackingnews.com/2020/01/12/mozilla-patched-zero-day-vulnerability-with-firefox-72-0-1/

browser browservulnerability bugs firefox firefoxwebbrowser
5 years ago by

Downvoting a post can decrease pending rewards and make it less visible. Common reasons:

  • Disagreement on rewards
  • Fraud or plagiarism
  • Hate speech or trolling
  • Miscategorized content or spam

Submit
$0.00
    3 votes
    1
    Authors get paid when people like you upvote their post.
    If you enjoyed what you read here, create your account today and start earning FREE STEEM!
    Sort Order:  
  • Trending
    • [-]
      ·  5 years ago 

    Hi! I am a robot. I just upvoted you! I found similar content that readers might be interested in:
    https://latesthackingnews.com/2020/01/12/mozilla-patched-zero-day-vulnerability-with-firefox-72-0-1/

    Downvoting a post can decrease pending rewards and make it less visible. Common reasons:

    • Disagreement on rewards
    • Fraud or plagiarism
    • Hate speech or trolling
    • Miscategorized content or spam

    Submit
    $0.00