Firefox Patches a Zero Day Bug Capable of Giving Attackers Control of your Computer

Mozilla has fixed a critical zero-day bug that affects desktops. The vulnerability is capable of allowing the attacker to take control of users’ computers. Mozilla was already aware of targeted attacks and thus fixed the bug pronto.

Mozilla also added that attacks can be used to “take control of an affected system” and credited Qihoo 360 for discovering the flaw. That being said, Mozilla and Qihoo are both tight-lipped about the details and understandably so. The zero-day bug is a vulnerability that is already known to the vendor and attacks that exploit such vulnerability is often called a zero-day exploit.

The vulnerability is said to target a JavaScript JIO compiler which is a primary Firefox component that handles JavaScript operations. Furthermore, the vulnerability apparently falls under the category of type confusion. The memory bug is when data gets allocated as a particular type and changes to another type. This causes undesirable changes in the data processing. Meanwhile, it will also allow attackers to zero in on memory locations with stored malicious codes.

Firefox seems to be having a handful, they recently fixed 11 bugs which included six high rated ones. Some of the bugs were capable of letting attackers take control of your computer. Now Firefox has fixed the problem by issuing a patch via Firefox 72.0.1. Last year, Mozilla was forced to patch zero-days after attackers tried to exploit the same on Macs used by Coinbase, a popular cryptocurrency firm.

The best way to safeguard your computers from the vulnerability is to install the patch. All you need to do is head over to About Firefox and use the in-browser update feature.

[via Mozilla]