Exploited Zero-day flaw means your Firefox install needs an urgent update

Reading time icon 1 min. read


Readers help support MSPoweruser. When you make a purchase using links on our site, we may earn an affiliate commission. Tooltip Icon

Read the affiliate disclosure page to find out how can you help MSPoweruser effortlessly and without spending any money. Read more

Google’s Project Zero security team has discovered a Zero-day vulnerability in all versions of Firefox which is currently being exploited in the wild and which requires an urgent patch.

The flaw reads:

A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. This can allow for an exploitable crash. We are aware of targeted attacks in the wild abusing this flaw.

All versions of the browser below 67.0.3 or Firefox ESR 60.7.1 are vulnerable.

The patch is available as a browser update now, which can be installed by checking for updates or downloading the latest version here.

Via the Verge

More about the topics: app, firefox, security, zero day exploit