Geeks for your information News Browsers News & Tips v
Firefox 74.0.1 Stable out with important security fixes
Firefox 74.0.1 Stable out with important security fixes
harlan4096 Online
MalWare Zoo Team
*******
Posts: 16,283
Threads: 10,312
Thanks Received: 9,367 in 7,513 posts
Thanks Given: 10,347
Joined: 12 September 18
#1
Information  04 April 20, 07:34
Quote:
[Image: firefox-74.0.1-1536x973.png]

Mozilla has released a new stable version of the organization's Firefox web browser on April 3, 2020. Firefox 74.0.1 Stable is a security update that patches two critical security vulnerabilities in the browser that are actively exploited in the wild. Mozilla released an update for the Extended Support Release, Firefox ESR, as well to address the vulnerabilities in that browser. Firefox ESR is upgraded to version 68.6.1 and updates are available already.

Firefox users who run the stable version of the web browser should receive update notifications when they start the browser the next time. The process can be expedited either by downloading the new stable release manually from Mozilla's official download site or by selecting Menu > Help > About Firefox to run a manual check for updates.

The release notes have been published already; they list security fixes only and no other changes. Mozilla's Security Advisories site provides additional information on the two vulnerabilities that the organization fixed in the new Firefox release:

* CVE-2020-6819: Use-after-free while running the nsDocShell destructor -- Under certain conditions, when running the nsDocShell destructor, a race condition can cause a use-after-free. We are aware of targeted attacks in the wild abusing this flaw.

* CVE-2020-6820: Use-after-free when handling a ReadableStream -- Under certain conditions, when handling a ReadableStream, a race condition can cause a use-after-free. We are aware of targeted attacks in the wild abusing this flaw.

It is unclear how these vulnerabilities can be exploited, only that attacks happen right now that exploit them. ReadableStream is used to read data streams, nsDocShell's issue seems to have been caused by data not being released properly.

Firefox users are encouraged to update the web browser as soon as possible to protect it from these attacks.

One of the researchers who reported the issues to Mozilla revealed on Twitter that the discovered issues might affect other browsers as well. He praised Mozilla for patching the vulnerability quickly. Whether other browsers means other Firefox-based browsers or non-Firefox browsers is unknown.

Now You: Have you updated your browser already?
...
Continue Reading
[-] The following 1 user says Thank You to harlan4096 for this post:
  • silversurfer
Find
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:

[-]
Recent Posts
DAEMON Tools software infected – supply ...
What happened? ...harlan4096 — 11:35
April 2026 Windows Update Breaks Third-P...
Microsoft has conf...harlan4096 — 07:29
Apple Adds End-to-End Encryption for RCS...
Apple has announce...harlan4096 — 07:28
uBOLite 2026.504.2301
uBOLite 2026.504.2...harlan4096 — 07:14
AnyDesk 9.7.2 for Windows
Version 9.7.2 for ...harlan4096 — 06:05

[-]
Birthdays
Today's Birthdays
avatar (45)xclubDum
avatar (41)Stewartanilm
Upcoming Birthdays
avatar (28)akiratoriyama
avatar (48)Jerrycix
avatar (40)awedoli
avatar (82)WinRARHowTo
avatar (38)owysykan
avatar (49)beautgok
avatar (39)axuben
avatar (45)talsmanthago
avatar (31)mocetor
avatar (46)piomaibhaict
avatar (51)kingbfef
avatar (38)izenesiq
avatar (40)ihijudu
avatar (45)tiojusop
avatar (42)Damiennug
avatar (40)acoraxe
avatar (49)contjrat
avatar (41)axylisyb
avatar (44)tukrublape
avatar (41)iruqi
avatar (42)saitetib
avatar (36)ypasodiny
avatar (39)omapek
avatar (48)Geraldtuh
avatar (44)knigiJow
avatar (46)1stOnecal
avatar (50)Mirzojap
avatar (36)idilysaju
avatar (40)GregoryRog
avatar (45)mediumog
avatar (40)odukoromu
avatar (46)Joanna4589

[-]
Online Staff
There are no staff members currently online.

>