Wednesday, December 25, 2024
HomeFirefoxEmergency!! Zero-day Flaw in FireFox Let Hackers Take Full Control of Your...

Emergency!! Zero-day Flaw in FireFox Let Hackers Take Full Control of Your Computer – Update Your FireFox Now

Published on

SIEM as a Service

Mozilla released a security update for Critical Zero-day vulnerability that fixed in a new version of Firefox 67.0.3 and Firefox ESR 60.7.

The critical vulnerability can be exploited by an attacker to run malicious code and to install the application on the vulnerable machine, without requiring no user interaction beyond normal browsing.

Cybercriminals are actively exploiting this Critical Zero-day vulnerability in wide and the attacker could exploit this vulnerability to take control of an affected system.

- Advertisement - SIEM as a Service

There are various exploit attempts identified, and the attackers targeting the unpatched old version of Firefox and exploit this critical zero-day vulnerability.

According to Mozilla Security Advisory, A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. This can allow for an exploitable crash. We are aware of targeted attacks in the wild abusing this flaw.

This critical zero-day vulnerability originally reported to Mozilla by Samuel Groß, a member of Google Project Zero and Coinbase Security.

The US Cybersecurity and Infrastructure Security Agency also issued an alert urging users and system administrators to review Mozilla’s security advisor and update the system Firefox Immediately.

The Zero-day flaw tracked aCVE-2019-5786 and the users can install the new update via following links.

All the FireFox user urged to update the new version immediately to protect themselves from this zero-day exploit and keep your system safe and secure.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.

Also Read:

Emergency !! Hackers Exploited Active Google Chrome Zero-day in Wide – Update Chrome Now

Microsoft Security Updates Fixes for 88 Vulnerabilities Including 4 SandboxEscaper Leaked Zero-day’s

Critical RCE Zero-Day in TP-Link Wi-Fi Repeaters Let Hackers to Gain Remote Access

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

Indonesia Government Data Breach – Hackers Leaked 82 GB of Sensitive Data Online

Hackers have reportedly infiltrated and extracted a vast 82 GB of sensitive data from...

IBM AIX TCP/IP Vulnerability Lets Attackers Exploit to Launch Denial of Service Attack

IBM has issued a security bulletin warning of two vulnerabilities in its AIX operating...

Apache Auth-Bypass Vulnerability Lets Attackers Gain Control Over HugeGraph-Server

The Apache Software Foundation has issued a security alert regarding a critical vulnerability...

USA Launched Cyber Attack on Chinese Technology Firms

The Chinese National Internet Emergency Center (CNIE) has revealed two significant cases of cyber...

API Security Webinar

72 Hours to Audit-Ready API Security

APIs present a unique challenge in this landscape, as risk assessment and mitigation are often hindered by incomplete API inventories and insufficient documentation.

Join Vivek Gopalan, VP of Products at Indusface, in this insightful webinar as he unveils a practical framework for discovering, assessing, and addressing open API vulnerabilities within just 72 hours.

Discussion points

API Discovery: Techniques to identify and map your public APIs comprehensively.
Vulnerability Scanning: Best practices for API vulnerability analysis and penetration testing.
Clean Reporting: Steps to generate a clean, audit-ready vulnerability report within 72 hours.

More like this

Firefox 133.0 Released with Multiple Security Updates – What’s New!

Mozilla has officially launched Firefox 133.0, offering enhanced features, significant performance improvements, and critical...

Firefox Memory Corruption Flaw Let Attacker Execute Arbitrary Code

Mozilla Firefox 119 was released with updates for 11 vulnerabilities, including three issues of high...

Malicious Firefox Extension that Allows Attackers to Access and Control Users’ Gmail Accounts

Proofpoint Threat Research has tracked low-volume phishing campaigns targeting Tibetan organizations globally. In January...