Firefox Zero-Day Under Attack: Update Your Browser Immediately!
Mozilla has revealed that a critical security flaw impacting Firefox and Firefox Extended Support Release (ESR) has come under active exploitation in the wild.
The vulnerability, tracked as CVE-2024-9680, discovered by ESET researcher Damien Schaeffer, has been described as a use-after-free bug in the Animation timeline component.
"An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines," Mozilla said in a Wednesday advisory.
The issue has been addressed in the following versions of the web browser:
Firefox 131.0.2
Firefox ESR 128.3.1, and
Firefox ESR 115.16.1.
See more:
https://thehackernews.com/2024/10/mozilla-warns-of-active-exploitation-in.html
https://www.bleepingcomputer.com/news/security/mozilla-fixes-firefox-zero-day-actively-exploited-in-attacks/
#security #cve