Mozilla endeavors to play safe for its browsers by fixing the flaws as it spots them. Once again, Mozilla has patched critical vulnerabilities in Firefox and Firefox ESR browsers that potentially posed a serious security threat.
Mozilla Spotted Critical Vulnerabilities In Firefox Browsers
As disclosed in its security advisory, Mozilla patched two critical flaws in its Firefox browsers. The vulnerabilities allegedly affected Firefox and Firefox ESR posing a serious security threat. These vulnerabilities in Firefox browsers could allow an attacker to exploit sandboxed content processes.
Whereas, the second vulnerability, “stack out-of-bounds read in Array.prototype.push” (as named by RedHat), could leak memory address triggering an attack. As explained in Mozilla’s advisory regarding the CVE-2018-12387 flaw,
Patched Versions Released
The vendors came to know of the said vulnerabilities after receiving reports from three different researchers via the SecuriTeam Secure Disclosure program by Beyond Security. Consequently, Mozilla patched the bugs in its latest browser versions, Firefox 62.0.3 and Firefox ESR 60.2.2. Thus, users of Firefox and Firefox ESR browsers could protect themselves from these vulnerabilities by simply updating the patched versions.
Mozilla appeared pretty active this week as it patched multiple security flaws in various products. Right after these fixes, the vendors also released several patches for the vulnerabilities affecting Mozilla’s email client, Thunderbird.
Take your time to comment on this article.