Are you are using Firefox as one of your web browsing applications on your Windows, Linux, or Mac systems?
If you are, you should immediately update your Firefox web browser to the latest version available on Mozilla’s website. (Make sure it is the Mozilla Website).
Why the urgency?
Mozilla released Firefox 72.0.1 and Firefox ESR 68.4.1 versions to patch a critical zero-day vulnerability in its browsing software that an undisclosed group of hackers is actively exploiting.
Tracked as ‘CVE-2019-17026,’ the bug is a critical ‘type confusion vulnerability’ that resides in the IonMonkey just-in-time (JIT) compiler of the Mozilla’s JavaScript engine SpiderMonkey.
In general, a type confusion vulnerability occurs when the code doesn’t verify what objects it is passed to and blindly uses it without checking its type, allowing attackers to crash the application or achieve code execution.
Although Firefox, by default, will automatically install updates as soon as they are available and activate a new version after a restart, it is possible to do a manual update using the built-in functionality by navigating to Menu > Help > About Mozilla Firefox. Don’t forget to restart Firefox after the update, or it will not take effect.
