Mozilla patches actively exploited Firefox zero-day

9 January 2020

Mozilla has patched a Firefox zero-day vulnerability (CVE-2019-17026) that is being exploited in attacks in the wild and is urging Firefox and Firefox ESR users to update their installations as soon as possible. About CVE-2019-17026 A day after Mozilla released Firefox 72 – which blocks fingerprinting scripts by default for all users, replaces annoying notification request pop-ups from various sites with a speech bubble in the address bar, and fixes a number of security issues – the corporation pushed out Firefox 72.0.1 (and Firefox ESR 68.4.1) with a fix for CVE-2019-17026, a type confusion vulnerability in IonMonkey, the JavaScript Just-In-Time (JIT) compiler for Mozilla’s JavaScript engine (SpiderMonkey).

Read full article on Help Net Security

Date:

9 January 2020

Categorie(s):

NEWS

Tag(s):

Browsers, Firefox, Internet, Qihoo 360, Zero Days

Kaspersky hits back at claims it helped Russia develop military drone systems3 May 2024
Smoke and (screen) mirrors: A strange signed backdoor3 May 2024
Kaspersky accused of helping Russia develop military drone systems3 May 2024
Attackers evade detection by leveraging Microsoft Graph API3 May 2024
Microsoft details broad plan to enhance its cybersecurity practices3 May 2024