Mozilla Patches Exploited Zero-day Flaw In Firefox

The Mozilla Foundation yesterday issued a security update for Firefox and Firefox Extended Support Release, which were found to contain an actively exploited, critical vulnerability in the IonMonkey JIT compiler.

“Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion,” reads an official advisory posted by Mozilla, citing the two elements as StoreElementHole and FallibleStoreElmenet. “We are aware of targeted attacks in the wild abusing this flaw.”

Designated CVE-2019-17026, the zero-day bug was reported by researchers at Qihoo 360 ATA. The problem has been fixed with the release of Firefox 72.0.1 and Firefox ESR 68.4.1

Mozilla provided no further context on how the flaw has been exploited.

Topics:

Network Security Patch Vulnerabilities

Republished from https://www.scmagazine.com/home/security-news/vulnerabilities/mozilla-patches-exploited-zero-day-flaw-in-firefox/

Generative Data Intelligence

Mozilla patches exploited zero-day flaw in Firefox

Topics:

Honda Launches 3 New Electric Cars … In China, For China – CleanTechnica

US Air Force says AI-controlled F-16 has fought humans

Latest Intelligence

Artificially: Learn to use Artificial Intelligence crowdfunding opportunity project pitch by Indiegogo

Lightning Kayaks AIR 9: Inflatable Pedal Board crowdfunding opportunity project pitch by Indiegogo

Quest 2 Accessory Prices Cut By More Than 50%

USA Pulls Mexico Into Its Anti-Chinese EVs Policies – CleanTechnica

Chinese scientists claim breakthrough in detecting F-22 stealth jets: F-22 stealth threatened? – Tech Startups

Netflix, Apple, Shell, Delta Join Kenya’s Carbon Credit Boom

Chat with us