• Home
  • Apps
  • Apps News
  • Mozilla Firefox 72.0.1 Debuts to Fix an Actively Exploited Zero Day Vulnerability

Mozilla Firefox 72.0.1 Debuts to Fix an Actively Exploited Zero-Day Vulnerability

The latest zero-day vulnerability has been indexed as CVE-2019-17026.

Mozilla Firefox 72.0.1 Debuts to Fix an Actively Exploited Zero-Day Vulnerability

Mozilla has released the new Firefox version just a day after bringing its version 72.0.0

  • Mozilla Firefox 72.0.1 is available for download
  • A security advisory has been issued to detail the flaw
  • Mozilla last year fixed two zero-day vulnerabilities in Firefox

Mozilla has released Firefox 72.0.1 that patches an actively exploited zero-day vulnerability. The flaw, which is the third zero-day that the Firefox maker has fixed over the last year after patching two major security loopholes in June last year, impacted JavaScript JIT compiler IonMonkey. It was first reported by China's Qihoo 360. The new Firefox release comes just a day day after Mozilla brought its version 72.0.0 with fixes for six high-rated vulnerabilities. Three of those loopholes could allow attackers to run malicious code remotely on affected systems to gain backdoor access.

The latest zero-day vulnerability has been indexed as CVE-2019-17026. Mozilla has confirmed through a security advisory that the flaw has been fixed in Firefox 72.0.1 as well as Firefox ESR 68.4.1.

“Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion. We are aware of targeted attacks in the wild abusing this flaw,” the company noted while describing the vulnerability in its advisory.

Mozilla has credited Qihoo 360 for reporting the flaw. However, further clarity on its impact hasn't been provided.

The vulnerability was categorised as a type confusion, which is potentially a critical error that could impact data processing. It is unclear that how it has been leveraged by attackers, though.

As reported by Catalin Cimpanu of ZDNet, Qihoo 360 Core highlighted that in addition to the flaw existed in Firefox, a zero-day vulnerability is affecting Internet Explorer. The Chinese firm, however, reportedly deleted the details revealing the issue within Microsoft's Web browser after briefing posting them on Twitter.

Mozilla in June last year fixed two zero-day vulnerability issues that impacted Coinbase employees and Mac users involved in cryptocurrency exchange. The vulnerabilities were indexed as CVE-2019-11707 and CVE-2019-11708.

Users are advised to download the latest Firefox version to avoid any security issues. The browser can be updated by going through Help > About Firefox.


For the latest tech news and reviews, follow Gadgets 360 on Twitter, Facebook, and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel.

Jagmeet Singh writes about consumer technology for Gadgets 360, out of New Delhi. Jagmeet is a senior reporter for Gadgets 360, and has frequently written about apps, computer security, Internet services, and telecom developments. Jagmeet is available on Twitter at @JagmeetS13 or Email at jagmeets@ndtv.com. Please send in your leads and tips. More
CES 2020: Samsung Launches Portable SSD T7 Touch With Fingerprint Sensor, Arrives Next Month in India
Share on Facebook Tweet Snapchat Share Reddit Comment




© Copyright Red Pixels Ventures Limited 2021. All rights reserved.
Listen to the latest songs, only on JioSaavn.com