Following the discovery of a zero-day vulnerability in its browser, Mozilla Firefox encourages users to instantly update to the latest version of its desktop app – which includes Firefox ESR intended for use by desktop administrators managing desktop environments in schools, offices, governments and other organizations.
The error described as a "type confusion vulnerability" has gained a "critical" level of influence as it allows external users to remotely execute code on your machine without your permission.
Make yourself harmless
Array.pop . This may allow for a exploitable crash," Mozilla says at its security advisory page.
Concernedly, the company also notes that there have already been cases of "targeted attacks in the wild that abuse this error", which means that you really should update to the fixed versions (Firefox 67.0.3 and Firefox ESR 60.7.1
Fortunately, Mozilla has the ability to automatically implement patches and security updates, which means that in theory you only have to restart Firefox in order to receive the fixed version.
Recently, Mozilla has also expanded new security tools into its Firefox browser to prevent two other harmful security and privacy issues – fingerprints and cryptojacking.
[Source: Register ]