If you are a Firefox user, you might want to stop what you are doing and update your browser. Mozilla has just released a security advisory warning of a severe vulnerability affecting almost all versions.
Currently, both Mozilla’s Firefox and Firefox ESR products are affected by the security vulnerability — with all versions of the browsers, barring the latest releases, being vulnerable. Because of this, it is highly recommended to update to the latest version of the browser, either Firefox 67.0.3 or Firefox ESR 60.7.1.
A full description of the vulnerability, as provided by Mozilla, is shown below:
A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop
. This can allow for an exploitable crash.
A Critical Firefox Flaw
In essence, this simply means that a javascript exploit can be used to crash Firefox — an event which can be used to execute malicious code on the machine without permission from the user. The exploit is rated as critical, the highest impact level, since the vulnerability can be used to install code and software on affected devices without requiring any specific user interactions — just normal browsing of a compromised site. It is currently unclear whether the same exploit can be used to target users of other browsers, though it may be wise to assume that Firefox clones, such as Waterfox and Pale Moon, may vulnerable. Unlike many security vulnerabilities detected by Mozilla, this one is rare — in that it has been shown to be used in the wild to exploit users. Naturally, cryptocurrency users are likely among the first to be targeted by the exploit, though the full reach of the issue remains to be seen.Update Windows While You’re at It
In other news, Microsoft just released a warning that its new KB4503327 security upgrade may cause a temporary black screen on certain devices. If you are a Windows users presented with this issue, don’t worry. You haven’t been hacked. A simple forced-restart, executed by pressing CTRL+ALT+DELETE and selecting the restart option, should resolve the issue. Have you come across any websites exploiting the new Firefox vulnerability? Help us warn other users by leaving them in the comments below!Disclaimer
In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content. Please note that our Terms and Conditions, Privacy Policy, and Disclaimers have been updated.
Daniel Phillips
After obtaining a Masters degree in Regenerative Medicine, Daniel pivoted to the frontier field of blockchain technology, where he began to absorb anything and everything he could on the subject. Daniel has been bullish on Bitcoin since before it was cool, and continues to be so despite any evidence to the contrary. Nowadays, Daniel works in the blockchain space full time, as both a copywriter and blockchain marketer.
After obtaining a Masters degree in Regenerative Medicine, Daniel pivoted to the frontier field of blockchain technology, where he began to absorb anything and everything he could on the subject. Daniel has been bullish on Bitcoin since before it was cool, and continues to be so despite any evidence to the contrary. Nowadays, Daniel works in the blockchain space full time, as both a copywriter and blockchain marketer.
READ FULL BIO
Sponsored
Sponsored