Chevron icon It indicates an expandable section or menu, or sometimes previous / next navigation options. HOMEPAGE

If you use Firefox, you need to update to the latest version immediately to fix a major security vulnerability

The Firefox logo is seen at a Mozilla stand during the Mobile World Congress in Barcelona, February 28, 2013. Picture taken February 28, 2013. REUTERS/Albert Gea
The Firefox logo is seen at a Mozilla stand during the Mobile World Congress in Barcelona Reuters

Advertisement

A security flaw in Firefox 72 allows hackers to access computers running the browser, MacRumors reported.

The US Cybersecurity and Infrastructure Security Agency (CISA), a subset of the Department of Homeland Security, recommends users immediately update to the newest version. "An attacker could exploit this vulnerability to take control of an affected system," CISA said. "This vulnerability was detected in exploits in the wild."

Mozilla released an update, and wrote in a statement, "We are aware of targeted attacks in the wild abusing this flaw." The update patches the vulnerability, and Firefox users can download it here.

Chinese security company Qihoo found the vulnerability two days after the update was released, according to MacRumors. The vulnerability was a "zero-day," meaning that it was a flaw unknown to the company and affected parties, so they had zero days to prepare or protect themselves. Mozilla has dealt with two other zero-day vulnerabilities recently, both in June of 2019. Both flaws allowed unauthorized people to run malicious code on the Firefox browser, although ZDNet reported that the earlier attacks targeted Coinbase employees, not Firefox users.

Advertisement

Firefox can be updated within Firefox, or on Mozilla's website.

Tech
Advertisement
Close icon Two crossed lines that form an 'X'. It indicates a way to close an interaction, or dismiss a notification.

Jump to

  1. Main content
  2. Search
  3. Account