Firefox gets update for two zero-day vulnerabilities

Posted on Monday, April 06 2020 @ 14:18 CEST by Thomas De Maesschalck
Firefox logo
Mozilla announces it patched two critical security vulnerabilities in Firefox. The two bugs are described as "use-after-free" vulnerabilities and they are actively exploited by cybercriminals.
CVE-2020-6819: Use-after-free while running the nsDocShell destructor
Under certain conditions, when running the nsDocShell destructor, a race condition can cause a use-after-free. We are aware of targeted attacks in the wild abusing this flaw.

#CVE-2020-6820: Use-after-free when handling a ReadableStream
Under certain conditions, when handling a ReadableStream, a race condition can cause a use-after-free. We are aware of targeted attacks in the wild abusing this flaw.
Users need to install Firefox 74.0.1 as quickly as possible.


About the Author

Thomas De Maesschalck

Thomas has been messing with computer since early childhood and firmly believes the Internet is the best thing since sliced bread. Enjoys playing with new tech, is fascinated by science, and passionate about financial markets. When not behind a computer, he can be found with running shoes on or lifting heavy weights in the weight room.



Loading Comments