Critical remotely exploitable flaw reported in Mozilla Firefox
A critical remotely exploitable flaw in Firefox was revealed today, affecting those on Firefox 56 and 67. The problem was fixed in Firefox 58.0.1, and customers are urged to upgrade as soon as possible. According to Giridhara (Zoho), the problem does not extend to those using Android browsers and Firefox 52 ESR.
“The vulnerability is due to insufficient sanitization of HTML fragments in chrome-privileged documents by the affected software,” a Cisco advisory reads. “An attacker could exploit the vulnerability by persuading a user to access a link or file that submits malicious input to the affected software. A successful exploit could allow the attacker to execute arbitrary code with the privileges of the user. If the user has elevated privileges, the attacker could compromise the system completely.”
Mozilla confirmed the vulnerability and says it is fixed in the browser’s newest release.
Don says that keeping all Apps such as Firefox is one of the features of our service called CLEANUP – SPEEDUP – UPDATE. The more often this is performed, the better the computer’s performance is, and, more importantly, the less the “evil people” can exploit a weakness in the program that isn’t updated to “Get Into and Hurt” you.