Mozilla fixes 2 wildly exploited zero-day vulnerabilities in Firefox

Mozilla fixes 2 wildly exploited zero-day vulnerabilities in Firefox

Mozilla has released fixes for 2 zero-day vulnerabilities in Firefox. The fixes are available in the newly released version of the browser, Firefox 74.0.1.The updated version fixes the vulnerabilities CVE-2020-6819 and CVE-2020-6820

 

Vulnerability and impact


Both CVE-2020-6819 and CVE-2020-6820 are use-after-free vulnerabilities and occur due to improper memory space management by Firefox. These bugs when exploited allow the hacker to write codes into Firefox's memory and have it executed in the browser's context. Mozilla has not been forthcoming with the details of the actual attacks, but the company has urged its Firefox users to update their browsers at the earliest. 

 

Patch these vulnerabilities with Patch Manager Plus

 

You can patch these vulnerabilities in no time using Patch Manager Plus. Initiate a sync between the Patch Manager Plus server and the Central Vulnerability database. After this, search for the following Patch IDs or Bulletin IDs and deploy them to the machines missing them.

 

Bulletin ID

Patch ID

Patch Description

TU-027

313638

Mozilla Firefox (74.0.1)

TU-027

313639

Mozilla Firefox (x64) (74.0.1)

TU-054

313640

Mozilla Firefox ESR (68.6.1)

TU-054

313641

Mozilla Firefox ESR (x64) (68.6.1)

 

Cheers,

ManageEngine Team

 

 



                New to ADSelfService Plus?