Critical Firefox Vuln Used in Targeted AttacksMozilla has released patches for the bug reported by Coinbase.
Mozilla has patched a critical vulnerability under active exploit in the Firefox browser.
The researcher who discovered the flaw – Samuel Groß of Google Project Zero and Coinbase Security – stated on Twitter: "The bug can be exploited for RCE but would then need a separate sandbox escape. However, most likely it can also be exploited for UXSS which might be enough depending on the attacker's goals."
The vulnerability has been fixed in Firefox 67.0.3 and Firefox ESR 60.7.1. Read more here and here.
Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio