Geeks for your information News Browsers News & Tips v
Firefox 72.0.1 fixes a security vulnerability that is actively exploited
Firefox 72.0.1 fixes a security vulnerability that is actively exploited
harlan4096 Offline
MalWare Zoo Team
*******
Posts: 16,126
Threads: 10,252
Thanks Received: 9,332 in 7,478 posts
Thanks Given: 10,293
Joined: 12 September 18
#1
Information  10 January 20, 10:26 (This post was last modified: 10 January 20, 10:28 by harlan4096.)
Quote:
[Image: firefox-72-0-1.png]

Mozilla has released Firefox 72.0.1, a new stable version of the Firefox web browser. The release may come as a surprise to many considering that Firefox 72.0 was released just a few days ago. Firefox ESR, the Extended Support Release aimed specifically at organizations and users who need stability in regards to changes, is also updated to Firefox ESR 68.4.1.

While it is not uncommon for Mozilla to release a minor update or even multiple between major Firefox releases, it is rare that an update is released just days after a release.

Firefox 72.0.1 fixes a security vulnerability in the web browser that is actively exploited according to Mozilla. The release note lists the security fix as the only change in the new Firefox release.

Mozilla's Security Advisories hub lists a single vulnerability that has been patched in Firefox 72.0.1. The vulnerability has received a rating of critical, the highest available rating reserved for vulnerabilities with a high impact.

The description provides the following information:
Quote:CVE-2019-17026: IonMonkey type confusion with <code>StoreElementHole</code> and <code>FallibleStoreElement</code>

Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion. We are aware of targeted attacks in the wild abusing this flaw.

Reported by Qihoo 360 ATA, the vulnerability affects the browser's Just in Time Compiler. Since it is exploited in the wild, Mozilla had to react quickly to release a patch.

The new versions of the Firefox web browser, Firefox 72.0.1 and Firefox ESR 68.4.1 are already available. Firefox users can download the latest release from Mozilla's website or use the built-in updating functionality to update the browser this way.

A click on Menu > Help > About Mozilla Firefox runs a manual check for updates. The browser should pick up the new version and install it automatically on the system.

Firefox users are encouraged to update the browser as soon as possible to protect the browser against attacks targeting the vulnerability.
...
Continue Reading
Find
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:

[-]
Recent Posts
QOwnNotes
26.4.4  Fixed a d...Kool — 10:40
Traffic Violation Scam Texts Now Use QR ...
A phishing campaig...harlan4096 — 09:34
Microsoft Begins Warning Users Ahead of ...
Microsoft has star...harlan4096 — 09:07
K-Lite Codec Pack 19.6.6/ 19.6.6 Update
Changes in 19.6.6 ...harlan4096 — 07:40
Intel shows Texture Set Neural Compressi...
TSNC Variant A del...harlan4096 — 07:39

[-]
Birthdays
Today's Birthdays
avatar (46)JamesZic
Upcoming Birthdays
avatar (45)wapedDow
avatar (49)oapedDow
avatar (42)Sanchowogy
avatar (46)MeighGoask
avatar (47)creatralGuelm
avatar (38)procnipsut
avatar (44)accenwibly
avatar (41)ahyvily
avatar (38)urumahiz
avatar (44)techlignub
avatar (43)Stevenmam
avatar (50)onlinbah
avatar (50)fuspeukChark
avatar (44)werriewWaiNg
avatar (38)Freemanleo
avatar (43)cdoubapKit
avatar (38)lystraPonia
avatar (31)smith8395john
avatar (51)steakelask
avatar (45)Termoplenka
avatar (43)bycoPaist
avatar (49)pieloKat
avatar (43)ilyagNeexy
avatar (51)donitascene
avatar (51)burntLaw
avatar (41)MrDoorsskibheeds
avatar (51)Toligo
avatar (46)Rodneykak
avatar (49)tradeSmode
avatar (39)vemedProkbior
avatar (38)RobertUtelt
avatar (36)Kiran78

[-]
Online Staff
There are no staff members currently online.

>