Mozilla patches a vulnerability in Firefox that lets hackers gain admin rights on Windows
The vulnerability resides in the Mozilla Maintenance Service; if it is successfully exploited, hackers can gain admin rights on the system.
Mozilla Maintenance Service is an optional service of Firefox and Thunderbird that keeps application updates running in the background. It provides Firefox users with a seamless update experience, without the need to click the "Yes" option in Windows User Account Control (UAC) before updating their web browser or email client.
Mozilla has patched the privilege escalation vulnerability, tracked as CVE-2022-22753, in the just-released Firefox 97 update.
By successfully exploiting CVE-2022-22753 on an unpatched computer, hackers can obtain NT AUTHORITY\SYSTEM privileges, the highest level of control on Windows systems.
"A Time-of-Check Time-of-Use bug exists in the Mozilla Maintenance Service that can be abused to give users write permission to an arbitrary directory. This can be used to elevate access permissions to SYSTEM level," Mozilla shared. "This bug only affects Firefox on Windows. Other operating systems are not affected."
Mozilla also adds that Firefox 97 has resolved many of the memory safety bugs found by the Mozilla community and developers in Firefox 96 and Firefox ESR 91.5.
Firefox 97 adds some new features and improvements
Besides bug fixes, the new Firefox update also brings a number of new features and improvements. The first is new-style scrollbars on Windows 11, and the next is an improvement in loading system fonts on macOS that makes opening and switching to new tabs faster.