‘We are aware of targeted attacks in the wild abusing this flaw,’ Mozilla said in the advisory. It’s not clear how the hackers were exploiting the bug, but they likely created a malicious website to trigger the flaw.
It‘s time to patch, Firefox users. Hackers are exploiting a serious bug in the browser to take over computers.
It remains unclear how the hackers were exploiting the bug, but they likely created a malicious website to trigger the flaw, and then tricked unsuspecting users into visiting it.
Researchers at Chinese antivirus company Qihoo 360 uncovered the vulnerability, which has been rated as “critical.” The threat is bad enough that the Department of Homeland Security’s cyber division also issued an alert urging users to patch.
To stay safe, Firefox users should update to version 72.0.1; enterprise users on Firefox ESR should be on version 68.4.1. Update by going to the “About Firefox” option in the browser, which is under the “Help” tab for Windows users and the “Firefox” tab for Mac users. It’s also possible the browser may have already initiated an automatic update.