Firefox releases urgent update to patch zero-day vulnerability being exploited by hackers
Both are "Use-after-free (UAF)" vulnerabilities, which refer to the moment an application tries to use memory that has previously been cleaned up. When exploiting this type of vulnerability, the hacker will make the program cashed at the right time to allow the execution of commands on the device without privileges.
The UAF vulnerability is considered serious because it allows hackers to execute nearly any command remotely, including downloading malicious code to access and exploit deeper into the device.
Two zero-day vulnerabilities have just been patched by Mozilla with tracking codes CVE-2022-26485 and CVE-2022-26486 related to XSLT and WebGPU IPC Framework parameter processes respectively. According to Mozilla, hackers are actively exploiting these two vulnerabilities, so users should quickly update Firefox.
Chinese security experts from Qihoo 360 ATA company discovered and reported these vulnerabilities to Mozilla. Although Mozilla has not announced the method of exploiting the vulnerability, it is likely that hackers will trick users into accessing fake websites containing malicious code.
Due to the dangerous nature of the vulnerabilities and they are still being actively exploited, Mozilla recommends that all Firefox users update their browsers immediately.
You can check for updates manually by going to Firefox menu > Help > About Firefox. Firefox will then automatically check for, download and install the latest update, and then notify you to restart the browser to complete the update process.
You should read it
- Appearing a zero-day vulnerability in Firefox, Mozilla advises users to update to the latest version immediately
- Update Firefox now to fix a serious security hole
- Mozilla patches a vulnerability in Firefox that helps hackers gain admin rights of Windows
- Microsoft urgently patched zero-day vulnerability after 2 years of refusing to acknowledge it
- Mozilla blocked the vulnerability for Firefox
- Firefox 16 was released again after updating the vulnerability patch
- How to update Firefox to the latest version
- Microsoft urges Admin to patch PowerShell vulnerability on Windows
- See how the future of Firefox is today
- Warning of dangerous Spring4Shell vulnerability, there are signs of scanning and exploiting
- Mozilla released Firefox 62.0.2 to fix the problem of corrupting the operating system
- Apple patched many zero-day bugs in iOS 15.4.1 and macOS 12.3.1 updates
Maybe you are interested
How to enable automatic Picture-in-Picture in Firefox
Instructions to enable tab groups in Firefox
How to disable desktop mode in Firefox Android
How to delete specific websites from Firefox history
Mozilla quietly adds user tracking feature in new Firefox update
Mozilla considers extending Firefox support on older operating system versions until March 2025