Earlier this week, Mozilla was launching a new version of its web browser: Firefox 72. This new version reached the users with interesting improvements, especially in relation to privacy, in addition to bringing a new notification control system. The new version of Firefox is now available to all users. However, it has also come with a critical security flaw, a vulnerability that is endangering all users. And not only that, but it is also being actively exploited on the Internet.
This security flaw was discovered yesterday, just one day after the browser’s 72 version began to reach users. This security breach has been registered as CVE-2019-11707 , and discovered by the researchers of the security company Qihoo 360 ATA. The bug is present in the Just-In-Time IonMonkey compiler. A confusion of type confusion when processing the information that can allow an attacker to easily execute code on our computer .
The Cybersecurity and Infrastructure Security Agency of the United States recommends being alert, since there have been cases in which several hackers have managed to take control of computers remotely (via the Internet), and the number of Computer attacks through this vulnerability are triggered in the next few hours.
This security flaw affects both Firefox for Windows and macOS and for Linux. With the right technique it can be used to take control of any PC. It even ignores antivirus and other security measures.
Update Firefox as soon as possible if you don’t want to be in danger
Mozilla has already released a security patch for your web browser: Firefox 72.0.1. This security patch corrects this serious vulnerability and protects all users of your browser from this dangerous failure.
In addition, this new emergency patch takes the opportunity to correct another 11 vulnerabilities discovered in the browser and that had not been solved with the release of version 72 of the browser. Of these 11 vulnerabilities, 5 have been classified as critical, another 5 of medium danger and only one as low danger. Of course, hackers have not yet used these 11 vulnerabilities. They were just taking advantage of what we have explained.
For security, Mozilla has not given more information about the vulnerabilities fixed with the Firefox 72.0.1 emergency patch . After a few days, and most users have already updated their browsers, they will publish detailed and technical information about all these security flaws.
How to update your browser to protect yourself
All users can now update Firefox to this latest version to be protected. If we are already browser users, we can download this important security patch from the Help> About Firefox section.
The patch will be downloaded and installed in our browser. After restarting it, we will be able to navigate safely again. If we do not manually enter this section, the patch will soon be downloaded in the background and will be installed the next time we close and open the browser.
Finally, if we are not yet users of this browser, we can download it from its website. The ESR version of the browser has also been affected by these security flaws. Users using this extended support browser must upgrade to Firefox ESR 68.4.1 to be protected.