"An attacker could exploit this vulnerability to take control of an affected system."
What you need to know
- Mozilla Firefox has released security updates for its browser.
- The update is so important, even the Department of Homeland Security recommends upgrading.
- It's designed to patch a zero-day exploit that could be used to "take control of an affected system."
Mozilla Firefox has released a security update so important, even the Department of Homeland Security says you should download it.
As spotted by TNW, version 72.0.1 of Mozilla Firefox has been made available to download. The latest update patches a zero-day exploit that could allow a hacker to "take control of an affected system."
The Cybersecurity and Infrastructure Security Agency (CISA), part of the Department of Homeland Security, in a post said this:
Mozilla has released security updates to address a vulnerability in Firefox and Firefox ESR. An attacker could exploit this vulnerability to take control of an affected system. This vulnerability was detected in exploits in the wild.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Mozilla Security Advisory for Firefox 72.0.1 and Firefox ESR 68.4.1 and apply the necessary updates.
As TNW notes, this is the third such exploit Mozilla has had to address in the past year after two zero-day exploits emerged in quick succession in June of 2019. Both zero-day exploits were used by a hacking group in an attempt to infect Coinbase staff using spear-fishing emails with links to malicious sites.
To download the latest version of Mozilla (and if you use Mozilla you really should), select "Help" from the menu in the top-right corner of your browser and then select "About Firefox". This will tell you what version you're already running and give you the option to update.