If you use Firefox, you need to update to the latest version immediately to fix a major security vulnerability

The Firefox logo is seen at a Mozilla stand during the Mobile World Congress in Barcelona, February 28, 2013. Picture taken February 28, 2013. REUTERS/Albert Gea

Reuters

The Firefox logo is seen at a Mozilla stand during the Mobile World Congress in Barcelona

A security flaw in Firefox 72 allows hackers to access computer running the browser, MacRumors reported.

The US Cybersecurity and Infrastructure Security Agency (CISA), a subset of the Department of Homeland Security, recommends users immediately update to the newest version. "An attacker could exploit this vulnerability to take control of an affected system," CISA said. "This vulnerability was detected in exploits in the wild."

Mozilla released an update, and wrote in a statement, "We are aware of targeted attacks in the wild abusing this flaw." The update patches the vulnerability, and Firefox users can download it here.

Chinese security company Qihoo found the vulnerability two days after the update was released, according to MacRumors. The vulnerability was a "zero-day," meaning that it was a flaw unknown to the company and affected parties, so they had zero days to prepare or protect themselves. Mozilla has dealt with two other zero-day vulnerabilities recently, both in June of 2019. Both flaws allowed unauthorized people to run malicious code on the Firefox browser, although ZDNet reported that the earlier attacks targeted Coinbase employees, not Firefox users.

Firefox can be updated within Firefox, or on Mozilla's website.

{{}}
Add Comment()
Comments ()
X
Sort By:
Be the first one to comment.
We have sent you a verification email. This comment will be published once verification is done.