A remote code execution vulnerability, CVE-2019-17026, in Mozilla Firefox and Firefox ESR is being actively exploited in the wild. The vulnerability is categorized as a type confusion, a potentially critical error that could impact data processing. A remote attacker can create a specially crafted webpage, trick the victim into visiting it, trigger the type confusion error, and execute arbitrary code on the target system.
Mozilla's security advisory reads, “Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion. We are aware of targeted attacks in the wild abusing this flaw”.
This flaw is fixed in Firefox 72.0.1 and Firefox ESR 68.4.1.
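To find the machines that still need the update, the fixed versions above can be checked against a software inventory. The following is an added example, not part of the original advisory or any Mozilla tooling; it assumes the inventory reports versions as strings such as `72.0.1` or `68.4.1esr`, and the hostnames and sample data are constructed.

```python
import re

# Fixed versions stated in the advisory above.
FIXED = {"release": (72, 0, 1), "esr": (68, 4, 1)}

# Assumed inventory format: "major[.minor[.patch]]" with an optional "esr" marker.
_VERSION_RE = re.compile(r"^\s*(\d+)(?:\.(\d+))?(?:\.(\d+))?\s*(esr)?\s*$", re.IGNORECASE)


def parse_version(text):
    """Return ((major, minor, patch), channel) or raise ValueError."""
    m = _VERSION_RE.match(text)
    if not m:
        raise ValueError(f"unrecognised Firefox version string: {text!r}")
    numbers = tuple(int(g) if g else 0 for g in m.group(1, 2, 3))
    channel = "esr" if m.group(4) else "release"
    return numbers, channel


def needs_update(text):
    """True when the version is below the fixed version for its channel."""
    numbers, channel = parse_version(text)
    return numbers < FIXED[channel]


def triage(inventory):
    """Split {host: version} into hosts to patch, hosts at or above the fix, and unparseable."""
    report = {"patch": [], "ok": [], "unknown": []}
    for host, version in sorted(inventory.items()):
        try:
            report["patch" if needs_update(version) else "ok"].append(host)
        except ValueError:
            # Betas, nightlies or garbled entries need a manual look.
            report["unknown"].append(host)
    return report


# Constructed sample inventory (hostnames and versions are invented).
SAMPLE = {
    "ws-01": "72.0.1",
    "ws-02": "72.0",
    "ws-03": "68.4.1esr",
    "ws-04": "68.4.0esr",
    "ws-05": "71.0",
    "ws-06": "73.0b2",
}

if __name__ == "__main__":
    for status, hosts in triage(SAMPLE).items():
        print(status, hosts)
```

A version string without the `esr` marker is compared against the release-channel fix, so an ESR install whose inventory entry drops the marker will be listed for patching and should be confirmed by hand.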
Resolution:
Kindly install the following patches to fix the flaw:
312452 - Firefox Setup 72.0.1 x64.exe
Happy patching!