You can now find Cyber Kendra on Google News | Telegram

Firefox Patched two Zero-days Exploited in the wild

Critical Zero-days fixes in Firefox browser, update now.
Mozilla Foundation just fix couple of critical vulnerabilities in the current version of their web browser. The two vulnerabilities belong to the so-called 'use-after-free' type and can be used to execute an attacker's code in the browser on the user's system.

On the security advisory team wrote that they have already observed the exploration of these vulnerabilities. Both the bugs were identified as CVE-2020-6819 and CVE-2020-6820.
Both these bugs were patched on 74.0.1 of the current Firefox browser and version 68.6.1 of the ESR branch of Firefox and in all platforms including Windows, MacOS and Linux.

Users are recommended to immediately update there browser as attacks are already in action.

The vulnerabilities were reported by Francisco Alonso from revskills and Javier Marcos from JMPSec. They concern possible race conditions when using the nsDocShell destructor and when using a ReadableStream.

At the meantime there is no future details about the bug, but researcher points out that other browsers may also be affected.

Post a Comment

Cookie Consent
We serve cookies on this site to analyze traffic, remember your preferences, and optimize your experience.
Oops!
It seems there is something wrong with your internet connection. Please connect to the internet and start browsing again.
AdBlock Detected!
We have detected that you are using adblocking plugin in your browser.
The revenue we earn by the advertisements is used to manage this website, we request you to whitelist our website in your adblocking plugin.
Site is Blocked
Sorry! This site is not available in your country.