Firefox updates address takeover vulnerability

News by Robert Abel

The issue was addressed and patched in Firefox 67.0.3 and Firefox ESR 60.7.1

Mozilla released security updates to address a vulnerability in Firefox and Firefox ESR that could allow attackers to take control of an affected system. 

The vulnerability is rated critical and is actively being exploited in the wild. Mozilla called it "a type confusion vulnerability" that occurs when manipulating JavaScript objects due to issues in Array.pop. When exploited, the vulnerability can ultimately result in an exploitable crash, according to a security notice on 18 June.

The issue was addressed and patched in Firefox 67.0.3 and Firefox ESR 60.7.1. Those who are affected are advised to update their systems immediately. 

This article was originally published on SC Media US.

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews

Interview - Everyone has an Achilles heel: The new security paradigm

How can we defend networks now that the perimeter has all but disappeared?
Brought to you in partnership with ExtraHop