Firefox has between 9% and 16% of worldwide usage as a “desktop” browser and is the second most popular web browser in the world. The latest version, Firefox 54.0, was released with patches for 32 vulnerabilities rated critical or high, some of which can crash the browser.
These vulnerabilities were reported by many individual security researchers, and some were discovered by Mozilla developers and the community.
Mozilla is calling Firefox 54.0 “the best Firefox ever,” since the new version is released with the features of multiple content processes, a UI process, and a GPU acceleration process.
Running multiple content processes in this new version will improve stability and performance (one bad tab won’t slow down the rest of your computer).
To run even complex sites faster, Mozilla changed how Firefox uses operating system processes.
The old Firefox used a single process to run all the tabs in a browser. Modern browsers split the load into several independent processes.
The following vulnerabilities can crash the entire browser.
A frame loader vulnerability leads to a browser crash while regenerating CSS layout when a nonexistent tree node is accessed.
A use-after-free vulnerability when using an incorrect URL during the reloading of a docshell. This results in a potentially exploitable crash.
This vulnerability also leads to a crash: during video control operations, a <track> element refers to an old window after that window has been replaced in the Document Object Model (DOM).
A use-after-free vulnerability with content viewer-listeners that results in a potentially exploitable crash.
logging errors from headers for XML HTTP Requests (XHR). This could result in a potentially exploitable crash.
IndexedDB when one of its objects is destroyed in memory while a method on it is still being executed.
These are critical privilege escalation vulnerabilities that have been fixed by Mozilla.
This vulnerability involves manipulation of files in the installation directory and privilege escalation by manipulating the Mozilla Maintenance Service. It affects only Windows, since it requires local access privileges.
This high-severity vulnerability allows files to be deleted and privileges to be escalated using the Mozilla Maintenance Service helper.exe.
An attack using manipulation of updater.ini contents, used by the Mozilla Windows Updater, and privilege escalation through the Mozilla Maintenance Service to allow for arbitrary file execution.
The Mozilla Windows Updater, run through the Maintenance Service invoked by an unprivileged user, can be used to overwrite arbitrary files with junk data. This affects only Windows users.
The Maintenance Service executes with privileged access, bypassing system protections against unprivileged users. An unprivileged user can use it to read 32 bytes of any arbitrary file on the local system by convincing the service that it is reading a status file provided by the Mozilla Windows Updater.
All the fixed vulnerabilities are explained on the Firefox blog.