2 weeks ago

Update Your Firefox Browser to Fix a Critical Remotely Exploitable Flaw


Mozilla has released an important update for its Firefox web browser to patch a critical vulnerability that could allow remote attackers to execute malicious code on computers running an affected version of the browser.

The update comes just a week after the company rolled out its new Firefox Quantum browser, a.k.a. Firefox 58, with new features such as an improved graphics engine and performance optimizations, along with patches for more than 30 vulnerabilities.

According to a security advisory published by Cisco, Firefox 58.0.1 addresses an ‘arbitrary code execution’ flaw that originates from ‘insufficient sanitization’ of HTML fragments in chrome-privileged documents (browser UI).

Hackers could exploit this vulnerability (CVE-2018-5124) to run arbitrary code on the victim’s computer just by tricking them into accessing a link or ‘opening a file that submits malicious input to the affected software.’

“A successful exploit could allow the attacker to execute arbitrary code with the privileges of the user. If the user has elevated privileges, the attacker could compromise the system completely,” the advisory states.

This could allow an attacker to install programs, create new accounts with full user rights, and view, change or delete data.

However, if the application has been configured to have fewer user rights on the system, the exploitation of this vulnerability could have less impact on the user.

Affected web browser versions include Firefox 56 (.0, .0.1, .0.2), 57 (.0, .0.1, .0.2, .0.3, .0.4), and 58 (.0). The vulnerability has been addressed in Firefox 58.0.1, which you can download from the company’s official website.

The issue, which was discovered by Mozilla developer Johann Hofmann, does not affect Firefox for Android and Firefox 52 ESR.

Users are advised to apply the software updates before hackers exploit this issue, and to avoid opening links provided in emails or messages if they appear to come from suspicious or unrecognized sources.

Administrators are also advised to use an unprivileged account when browsing the Internet and to monitor critical systems.
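For administrators triaging a fleet, the version list above can be turned into an audit check. The following is an added example, not code from Mozilla or the advisory; it assumes a hypothetical inventory of `hostname,<output of firefox --version>` rows, and the sample rows are constructed.

```python
import re

# Affected releases exactly as listed in the article for CVE-2018-5124.
AFFECTED = {
    (56, 0, 0), (56, 0, 1), (56, 0, 2),
    (57, 0, 0), (57, 0, 1), (57, 0, 2), (57, 0, 3), (57, 0, 4),
    (58, 0, 0),
}
FIXED = (58, 0, 1)  # release the article names as carrying the fix

# Matches "Mozilla Firefox 57.0.4" or "Mozilla Firefox 52.6.0esr"; strings with
# other suffixes (betas etc.) are deliberately not matched rather than guessed.
_VERSION_RE = re.compile(r"Firefox\s+(\d+(?:\.\d+){0,2})(esr)?(?=\s|$)", re.I)

def parse_version(banner):
    """Return ((major, minor, patch), is_esr) or None if unparseable."""
    m = _VERSION_RE.search(banner)
    if not m:
        return None
    parts = [int(p) for p in m.group(1).split(".")]
    parts += [0] * (3 - len(parts))  # "58.0" and "58.0.0" compare equal
    return tuple(parts), bool(m.group(2))

def classify(banner):
    """Map a version banner to the status the article gives for it."""
    parsed = parse_version(banner)
    if parsed is None:
        return "unparsed"
    version, is_esr = parsed
    if is_esr and version[0] == 52:
        return "not_affected"  # article: Firefox 52 ESR is not affected
    if not is_esr and version in AFFECTED:
        return "affected"
    if not is_esr and version == FIXED:
        return "fixed"
    return "unlisted"  # the article makes no statement about this version

def hosts_to_update(inventory):
    """Return hostnames whose Firefox version is on the affected list."""
    flagged = []
    for row in inventory:
        host, _, banner = row.partition(",")
        if classify(banner) == "affected":
            flagged.append(host.strip())
    return flagged

# Constructed sample inventory (hypothetical hostnames).
SAMPLE_INVENTORY = [
    "ws-01,Mozilla Firefox 57.0.4",
    "ws-02,Mozilla Firefox 58.0.1",
    "ws-03,Mozilla Firefox 52.6.0esr",
    "ws-04,Mozilla Firefox 58.0",
    "ws-05,Mozilla Firefox 58.0b3",
]

if __name__ == "__main__":
    print(hosts_to_update(SAMPLE_INVENTORY))
```

Rows reported as `unlisted` or `unparsed` need manual review, since the article only speaks to the versions it names.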
