Mozilla Fixes Active Zero-Day Vulnerability in Firefox

Jan. 10, 2020

Mozilla has rolled out an update to itsFirefox web browserto address a critical zero-day vulnerability that is reportedly being used for targeted attacks in the wild. While the company didn’t reveal too many details about the flaw, it did say that it was a ‘type confusion’ error in the IonMonkey just-in-time (JIT) compiler for the browser’s SpiderMonkey JavaScript engine.

The update is being pushed out through the stable channel for both Firefox and Firefox ESR as versions 72.0.1 and 68.4.1, respectively. The vulnerability affects Firefox on all desktop platforms, including Windows, macOS and Linux, so if you’re using the browser on your computer, you should immediately install the latest patched versions by going over to the ‘hamburger menu’ (three horizontal lines) on the top-right corner and clicking on Help > About Firefox > Check for Updates.

As pointed out byBleeping Computer, the latest security patch comes just a day after Firefox 72.0 was released with fixes for 11 security vulnerabilities, with as many as five of them being classified as ‘High’ byMozilla. However, this particular one is of massive concern, given that it is already being exploited in the wild, so it would be for the best if you updated your browser right now.

Passionate techie. Professional tech writer. Proud geek.