Firefox 62.0.3 released

MozillaMozilla's developers have just released version 62.0.3 of Firefox browser for Windows, Linux and macOS. It is a maintenance update which closes bugs and vulnerabilities.


Advertising

The bug fixes refer to macOS, and especially to Mojave (macOS 10.14).

  • Fixed hangs on macOS Mojave (10.14) when various dialog windows (upload, download, print, etc) are activated.
  • Fixed playback of some encrypted video streams on macOS

In addition, two critical vulnerabilities are closed in older Firefox versions. These are the following vulnerabilities:

  • CVE-2018-12386: Type confusion in JavaScript; A vulnerability in register allocation in JavaScript can lead to type confusion, allowing for an arbitrary read and write. This leads to remote code execution inside the sandboxed content process when triggered.
  • CVE-2018-12387: A vulnerability where the JavaScript JIT compiler inlines Array.prototype.push with multiple arguments that results in the stack pointer being off by 8 bytes after a bailout. This leaks a memory address to the calling function which can be used as part of an exploit inside the sandboxed content.

The details can be found on this website. The release notes can be found here. The browser can be updated via the Help menu and the About Firefox command. (via)

Firefox 62.0.3


Cookies helps to fund this blog: Cookie settings
Advertising


##1

This entry was posted in browser, Update and tagged , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *