Mozilla released a security update for Critical Zero-day vulnerability that fixed in a new version of Firefox 67.0.3 and Firefox ESR 60.7.
The critical vulnerability can be exploited by an attacker to run malicious code and to install the application on the vulnerable machine, without requiring no user interaction beyond normal browsing.
Cybercriminals are actively exploiting this Critical Zero-day vulnerability in wide and the attacker could exploit this vulnerability to take control of an affected system.
There are various exploit attempts identified, and the attackers targeting the unpatched old version of Firefox and exploit this critical zero-day vulnerability.
According to Mozilla Security Advisory, A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop
. This can allow for an exploitable crash. We are aware of targeted attacks in the wild abusing this flaw.
This critical zero-day vulnerability originally reported to Mozilla by Samuel Groß, a member of Google Project Zero and Coinbase Security.
The US Cybersecurity and Infrastructure Security Agency also issued an alert urging users and system administrators to review Mozilla’s security advisor and update the system Firefox Immediately.
The Zero-day flaw tracked as CVE-2019-5786 and the users can install the new update via following links.
All the FireFox user urged to update the new version immediately to protect themselves from this zero-day exploit and keep your system safe and secure.
You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.
Emergency !! Hackers Exploited Active Google Chrome Zero-day in Wide – Update Chrome Now
Microsoft Security Updates Fixes for 88 Vulnerabilities Including 4 SandboxEscaper Leaked Zero-day’s
Critical RCE Zero-Day in TP-Link Wi-Fi Repeaters Let Hackers to Gain Remote Access
The LightSpy threat actor exploited publicly available vulnerabilities and jailbreak kits to compromise iOS devices.…
White House National Cyber Director, CEOs, Key Financial Services Companies, Congressional and Executive Branch Experts…
Cybersecurity experts have identified a new Remote Access Trojan (RAT) named PySilon. This Trojan exploits…
The notorious Konni Advanced Persistent Threat (APT) group has intensified its cyber assault on organizations…
Google has updated its Chrome browser, addressing critical vulnerabilities that posed potential risks to millions…
WrnRAT is a new malware attack that cybercriminals have deployed by using popular gambling games…