Mozilla Patches Two Actively Exploited Firefox Zero-Days

[LASER_oneXM]

Content source

https://www.bleepingcomputer.com/news/security/mozilla-patches-two-actively-exploited-firefox-zero-days/

Mozilla released Firefox 74.0.1 and Firefox ESR 68.6.1 earlier to address two critical vulnerabilities actively abused in the wild that could lead to remote code execution on vulnerable machines.

The two security flaws fixed today could potentially allow attackers to execute arbitrary code or trigger crashes on machines running vulnerable Firefox versions.
As Mozilla's security advisory says, the Firefox developers "are aware of targeted attacks in the wild abusing" these two vulnerabilities with a Critical severity rating.

The Firefox and Firefox ESR zero-day flaws fixed by Mozilla today were reported by Francisco Alonso working with Javier Marcos of JMP Security.
... ...

 

[blackice]

Sheesh, could be time to just go back to Chrome

 

[shmu26]

Sheesh, could be time to just go back to Chrome

Note that the report said targeted attacks. That's where the money is.
If we start to hear about random websites that infect visitors using firefox, then it's time to go back to chrome, or to use advanced security.