Firefox releases urgent update to patch zero-day vulnerability being exploited by hackers
Both are "Use-after-free (UAF)" vulnerabilities, which refer to the moment an application tries to use memory that has previously been cleaned up. When exploiting this type of vulnerability, the hacker will make the program cashed at the right time to allow the execution of commands on the device without privileges.
The UAF vulnerability is considered serious because it allows hackers to execute nearly any command remotely, including downloading malicious code to access and exploit deeper into the device.
Two zero-day vulnerabilities have just been patched by Mozilla with tracking codes CVE-2022-26485 and CVE-2022-26486 related to XSLT and WebGPU IPC Framework parameter processes respectively. According to Mozilla, hackers are actively exploiting these two vulnerabilities, so users should quickly update Firefox.
Chinese security experts from Qihoo 360 ATA company discovered and reported these vulnerabilities to Mozilla. Although Mozilla has not announced the method of exploiting the vulnerability, it is likely that hackers will trick users into accessing fake websites containing malicious code.
Due to the dangerous nature of the vulnerabilities and they are still being actively exploited, Mozilla recommends that all Firefox users update their browsers immediately.
You can check for updates manually by going to Firefox menu > Help > About Firefox. Firefox will then automatically check for, download and install the latest update, and then notify you to restart the browser to complete the update process.
You should read it
- Mozilla patches a vulnerability in Firefox that helps hackers gain admin rights of Windows
- Microsoft urgently patched zero-day vulnerability after 2 years of refusing to acknowledge it
- Mozilla blocked the vulnerability for Firefox
- Firefox 16 was released again after updating the vulnerability patch
- How to update Firefox to the latest version
- Microsoft urges Admin to patch PowerShell vulnerability on Windows
- See how the future of Firefox is today
- Warning of dangerous Spring4Shell vulnerability, there are signs of scanning and exploiting
May be interested
- Microsoft urges Admin to patch PowerShell vulnerability on Windowsmicrosoft has just asked for it admins of organizations and businesses to immediately patch the vulnerability in powershell 7. the reason is that this vulnerability allows hackers to bypass windows defender application control (wdac) enforcement measures.
- Detected critical zero-day vulnerability on Adobe Readeradobe has just released the may security update to patch security holes in 12 of their products. among them is a serious zero-day vulnerability in adobe reader that is being actively exploited by hackers.
- Warning of dangerous Spring4Shell vulnerability, there are signs of scanning and exploitingspring has just released an urgent update to patch the spring4shell remote code execution zero-day vulnerability. information about this vulnerability was leaked on the internet before the patch was released.
- Microsoft releases new update for Windows 10 and 11, fixing VPN errorsafter receiving a lot of feedback from users about the error of not being able to connect to the vpn on the new update, this week microsoft released a series of urgent updates to fix issues caused by the patch tuesday update. caused last week.
- Google releases an urgent security patch for Chrome, users take note!google has just continued to roll out another urgent security update for its browser to fix some known issues.
- 10 security holes exploited by hackers in 2018microsoft accounted for 8 of the top 10 vulnerabilities that were exploited by hackers in 2018.
- New vulnerability in Mozilla Firefox allows third parties to access a saved password storerecently, mozilla has released version 68.0.2 for firefox to patch a serious vulnerability that allows third parties to access and copy the password store that you have stored in your browser.
- Apple patched many zero-day bugs in iOS 15.4.1 and macOS 12.3.1 updatesapple has simultaneously released new versions of their software to update features, fix bugs and patch security holes.
- Appearing a zero-day vulnerability in Firefox, Mozilla advises users to update to the latest version immediatelyto protect yourself from this security vulnerability, mozilla also recommends that users update to the latest version of firefox at 67.0.3 or firefox esr 60.7.1.
- Update Firefox now to fix a serious security holeif you're using the firefox web browser, quickly update the version to fix a zero-day (0-day) security vulnerability.