PSA: Critical Vulnerability in Firefox browser – update required

Mozilla[German]Users of the Firefox browser on Linux, macOS and Windows should urgently upgrade (their desktop version) to version 58.0.1. Older versions (with the exception of Firefox 52 ESR and Firefox for Android) have a critical vulnerability.


Code Execution vulnerability

A critical vulnerability that allows code execution via the browser interface has been discovered in older versions of the Firefox browsers (desktop versions for Linux, macOS and Windows). There is a Mozilla Foundation Security Advisory 2018-05 published from Mozilla’s developers with a clear warning against this vulnerability.

Mozilla Foundation Security Advisory 2018-05

Mozilla developer Johann Hofmann reported that unsanitized output in the browser UI can lead to arbitrary code execution. The vulnerability has been quoted as critical. A bug report is discussed here.

Just visiting a prepared website in Firefox is enough for an infection. It is strongly recommended to update to Firefox 58.0.1, where the vulnerability has been fixed. Firefox for Android and Firefox 52 ESR are not affected.

Similar article:
Firefox 58.0.1: Update for Windows



This entry was posted in computer, Security and tagged , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *