Oddbean new post about login | logout Firefox Zero-Day Under Attack: Update Your Browser Immediately! Mozilla has revealed that a critical security flaw impacting Firefox and Firefox Extended Support Release (ESR) has come under active exploitation in the wild. The vulnerability, tracked as CVE-2024-9680, discovered by ESET researcher Damien Schaeffer, has been described as a use-after-free bug in the Animation timeline component. "An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines," Mozilla said in a Wednesday advisory. The issue has been addressed in the following versions of the web browser: Firefox 131.0.2 Firefox ESR 128.3.1, and Firefox ESR 115.16.1. See more: https://thehackernews.com/2024/10/mozilla-warns-of-active-exploitation-in.html https://www.bleepingcomputer.com/news/security/mozilla-fixes-firefox-zero-day-actively-exploited-in-attacks/ #security #cve