Mozilla released,
on Wednesday (19) an emergency update for Firefox
that fixes a critical vulnerability zero day. Discovered by members of Google Project Zero and
Coinbase Security, the bug allows a malicious site to infiltrate dangerous code
on the computer through the browser.
In a note on the security update,
Mozilla stated that it has already detected hacker attacks from the security
breach.
Known as "type confusion",
the failure is related to the manipulation of JavaScript objects.
It was not announced by Mozilla the
goal of hacker attacks from the vulnerability. The fix has already been
released in versions 67.0.3 or ESR 60.7.1 of Firefox, available for free as an
upgrade or via new download.
Similar failures have been common
in Flash Player in the
past. In theory, a hacker would be able to trick the browser into letting
compromised material pass to the victim's PC.
Although there is already a patch
available, the bug in Firefox causes concern for the delay in identifying the
problem: according to Mozilla, there are already criminals exploiting the
security breach. It is not known, for now, the number of victims hit, nor
the motivation for the attacks.
How to update Firefox and protect yourself
Those who have the Firefox browser
installed should have already received the new version automatically. In
that case, just close and reopen the browser to apply the update.
You can also download the latest
browser version from the Mozilla website at the following address:
mozilla.org/en/firefox/new
In any case, users can manually
download the Firefox update from their browser settings.
To do this, open the main menu, go to
the "Options" item and scroll to the "Firefox Update"
section. Make sure version 67.0.3 or higher is installed. To ensure
that future updates are automatically obtained, check the "Install updates
automatically" option.
Source:www.techtudo.com.
