Mozilla has just released Firefox 66.0.1 and Firefox 60.6.1 ESR to the public. The two new versions of Firefox patch critical security issues in the web browser.
Firefox users should receive the updates automatically if automatic updates are turned on in the browser (as is default). The new versions are also available as standalone downloads from Mozil's official website.
Firefox users can choose Menu> Help> About Firefox to run a manual check for updates to download the new version immediately. It takes a while since Firefox doesn't run real-time update checks.
Firefox 66.0.1 and Firefox 60.6.1 ESR
Mozilla patched two critical security issues in Firefox 66.0.1. and Firefox 60.6.1 Extended Support Release (ESR).
The vulnerabilities are listed on the official Firefox Security Advisories website:
CVE-2019-9810 : IonMonkey MArraySlice has incorrect alias information
Incorrect alias information in IonMonkey JIT compiler for the Array.prototype.slice method can lead to lack of border control and buffer overflow.
CVE-2019-9813 : Ionmonkey type confusion with __proto__ mutations
Incorrect handling of __proto__ mutations can lead to confusion of the type in IonMonkey JIT code and can be exploited to read and write arbitrary memory .
Additional information is not available at this time. The linked error ads are blocked from the public.
The two researchers who discovered the vulnerabilities are Richard Zhu and Amat Cama, and it is probably not by chance that scientists attacked Firefox successfully in this year's Pwn2Own competition.
Security researchers managed to use an exploit in Firefox to execute code-level code if a user visited a specifically prepared site.
They used a JIT error in the browser and then used an out-of-bounds write in the Windows kernel to effectively take over the system. They were able to execute code at SYSTEM level just by using Firefox to visit their specially crafted site.
The competition saw yet another successful targeting of Firefox. Niklas Baumstark exploited a JIT error in Firefox to escape the sandbox that would allow an attacker to run code on the device with the same permissions as the logged in user.
He used a JIT error in the browser followed by a logical error to escape the sandbox. In a scenario, in fact, an attacker can use this to run their code on a target system at the level of the logged in user.
It is recommended to update to the new patched versions of Firefox to protect the browser and Underlying system from attacks directed against these vulnerabilities.