Update Firefox ASAP to fix an exploit

Written 11 months ago by IanDorfman

If you have Firefox on your desktop or laptop computer, make sure to update it to the latest version, 67.0.3, as soon as you possibly can.

An exploit in the popular web browser was discovered and made public by Samuel Groß of Google Project Zero and Coinbase Security. The exact details of the exploit, named CVE-2019-11707, are described in an official Mozilla security advisory as follows:

"A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. This can allow for an exploitable crash. We are aware of targeted attacks in the wild abusing this flaw."

You can update Small Mozilla Firefox iconMozilla Firefox for Windows, macOS, and Linux by going to the "About Firefox" page and running the update it finds to ensure you're on 67.0.3 (or version 60.7.1 of the Extended Support Release for enterprises) or by downloading the latest version directly from Mozilla's official website for Firefox.

Further coverage:
US-Cert
Mozilla Security Advisory
BleepingComputer
Engadget