A zero-day attack has hit the Firefox browser. If you run either Firefox 67.0.3 and Firefox ESR 60.7.1 or maybe you’re not sure on what version you are using, it’s high time you update your browser now. According to Firefox, the flaw codenamed #CVE-2019-11707 is a “Type confusion in Array.pop.” Here’s the full description of the bug.
“A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. This can allow for an exploitable crash. We are aware of targeted attacks in the wild abusing this flaw.”
The bug was being used by hackers to gain full control of PCs by exploiting Javascript code. The exploited code could then be used to trick users into visiting malicious websites where the hackers can deploy malicious code into a PC.
Firefox has already issued an urgent patch to the flaw. To update Firefox, click the hamburger icon at the top right corner or you can visit the Mozilla Firefox website and download the latest version.
The vulnerability has even got attention from the US Cybersecurity and Infrastructure Security Agency, which shows the serious nature of the matter also because Firefox browser is one of the mainstream browsers in the market after Google’s Chrome browser.
Share the news to save a soul.
Follow us on, Twitter, Facebook or subscribe to our weekly newsletter to ensure you don’t miss out on any future updates.
