Urgent: Update Firefox NOW! In Rare Move Immediate Firefox Update Urged by Homeland Security

Share the knowledge

Firefox users are being urged to update Firefox immediately. In a rare move, CISA, the Cybersecurity and Infrastructure Agency of the Department of Homeland Security, has issued a statement urging both OS X and Windows users to update Firefox immediately. If you have not updated to 72.0.1, just released on Wednesday, January 8th, do so now!

The reason for this is that versions of Firefox for both Windows and OS X that are any older than 8 Jan 2020 have a security vulnerability that not only allows a Firefox attack, but that has already been used by Firefox attackers.

More often security updates to software are the result of researchers and friendly hackers finding a security flaw, then notifying the software manufacturer that the vulnerability that they found could be exploited.

But in this case, bad guys are already exploiting it, and attacking users’ computers through the Firefox security flaw. The exploit allows the attacker to take full control of the victim’s computer.

Thus updating immediately to Firefox 72.0.1 is crucial, hence the Deparment of Homeland Security issuing such a rare notice.

The Internet Patrol is completely free, and reader-supported. Your tips via CashApp, Venmo, or Paypal are appreciated! Receipts will come from ISIPP.

CashApp us Square Cash app link

Venmo us Venmo link

Paypal us Paypal link

Here is DHS’ announcement:

Mozilla has released security updates to address a vulnerability in Firefox and Firefox ESR. An attacker could exploit this vulnerability to take control of an affected system. This vulnerability was detected in exploits in the wild.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Mozilla Security Advisory for Firefox 72.0.1 and Firefox ESR 68.4.1 and apply the necessary updates.

Mozilla Patches Critical Vulnerability

Mozilla has released security updates to address a vulnerability in Firefox and Firefox ESR. An attacker could exploit this vulnerability to take control of an affected system. This vulnerability was detected in exploits in the wild.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Mozilla Security Advisory for Firefox 72.0.1 and Firefox ESR 68.4.1 and apply the necessary updates.

Source: https://www.us-cert.gov/ncas/current-activity/2020/01/08/mozilla-patches-critical-vulnerability

For its part, Mozilla Firefox has designated the update “critcal”, saying that that the issue is with “IonMonkey type confusion with StoreElementHole and FallibleStoreElement”, and explaining that “Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion. We are aware of targeted attacks in the wild abusing this flaw. {Emphasis added}

If you have not already been prompted by your Firefox browser to update to 72.0.1, here is how to immediately update Firefox to the newest version:

Go to your Firefox menu, and select ‘About Firefox’

about firefox menu

When the ‘About Firefox’ window opens, Firefox should automatically check for updates, and ask you to install them (or automatically install them if that is how you have set up Firefox).

urgent firefox update 72.0.1

If Firefox for any reason does not check for updates, close Firefox, wait 5 minutes, restart Firefox, and then apply the above steps.

Once the update is downloaded, be sure to restart Firefox so that the update is successfully incorporated.

Get New Internet Patrol Articles by Email!

The Internet Patrol is completely free, and reader-supported. Your tips via CashApp, Venmo, or Paypal are appreciated! Receipts will come from ISIPP.

CashApp us Square Cash app link

Venmo us Venmo link

Paypal us Paypal link

 


Share the knowledge

One thought on “Urgent: Update Firefox NOW! In Rare Move Immediate Firefox Update Urged by Homeland Security

  1. This seems to apply to Palemoon browser as well, it has an urgent security update for today as well

Leave a Reply

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.