Firefox gets emergency update to protect against zero-day flaw

Posted on Thursday, June 20 2019 @ 10:36 CEST by Thomas De Maesschalck

Mozilla rushed out an emergency patch for Firefox, users are highly advised to install version 67.0.3 as soon as possible. Attackers are actively exploiting the bug, which can be triggered by a type confusion event when manipulating JavaScript objects due to issues in Array.pop. This results in an exploitable crash.

The browser developer says they're aware of targeted attacks in the wild. It seems hackers are using the exploit to steal cryptocurrency:

The bug find is credited to security researcher Samuel Groß of Google Project Zero and the Coinbase Security team. It's assumed that the vulnerability is being exploited to attack cryptocurrency owners, considering where the bug report originated from. Hype around cryptocurrency has risen these past few days, with Facebook officially announcing its own entry this week.

Via: TechSpot

About the Author

Thomas De Maesschalck

Thomas has been messing with computer since early childhood and firmly believes the Internet is the best thing since sliced bread. Enjoys playing with new tech, is fascinated by science, and passionate about financial markets. When not behind a computer, he can be found with running shoes on or lifting heavy weights in the weight room.

Loading Comments

Share this story!