Update Firefox right now! Hackers can compromise your computer
If you haven't updated Firefox in a while, may be now is just the right time to do so. Mozilla Corporation, the organization behind the famous browser, has issued a security advisory warning about a critical vulnerability existing in the program. The bug is actively being exploited and could pose a major security risk, if not patched in time. Here's everything about it.
Critical vulnerability spotted in Firefox
Just recently, Samuel Groß, a researcher working at Google's Project Zero and Coinbase Security, spotted a critical zero-day security flaw in Mozilla Firefox. The bug exists in all old versions of the browser and triggers while manipulating JavaScript objects due to issues in Array.pop. This ultimately allows hackers to run malicious code through infected pages and take control of vulnerable computers.
What happens when they take control
Though Mozilla hasn't detailed the exact impact of this 'critical' bug, it could be a way to steal cryptocurrencies or user information. In fact, even the US Cybersecurity and Infrastructure Security Agency has issued a warning about it. "An attacker could exploit this vulnerability to take control of an affected system," CISA said, noting that the "vulnerability was detected in exploits in the wild."
Updating Firefox is the fix
The vulnerability poses a major threat but can be avoided by simply updating Firefox to version 67.0.3 and Firefox ESR to 60.7.1. To update the browser, you can either download it directly from the website or go for an internal update by clicking on the hamburger menu in the upper right corner and going to Help > About Firefox. After update, restart the program.
After restarting, you'll get update confirmation
Once the browser restarts and the update is applied, you will be greeted with a "Congrats! You're using the latest version of Firefox." Notably, you can also follow the same steps again to check if the browser version is 67.0.3 or not.