Mozilla released an emergency update for Firefox that fixes a critical vulnerability. Discovered by members of Google Project Zero and Coinbase Security, the bug allows a malicious site to infiltrate dangerous code on the computer through the browser.
In a note on the security update, Mozilla stated that it has already detected hacker attacks from the security breach.
Known as “type confusion”, the failure is related to the manipulation of JavaScript objects.
It was not announced by Mozilla that the vulnerability would result in hacker attacks. The fix has already been released in versions 115.0.2 or 115.0.2esr of Firefox, available for free as an upgrade or via new download.
Similar failures have been common in Flash Player in the past. In theory, a hacker would be able to trick the browser into letting compromised material pass to the victim’s PC.
Although there is already a patch available, the bug in Firefox causes concern for the delay in identifying the problem; according to Mozilla, there are already criminals exploiting the security breach. For now, it is not known the number of victims hit or the motivation for the attacks.
How to update Firefox and protect yourself
Those who have the Firefox browser installed should have already received the new version automatically. In that case, just close and reopen the browser to apply the update.
You can also download the latest browser version from the Mozilla website at the following address: mozilla.org/en/firefox/new
In any case, users can manually download the Firefox update from their browser settings.
To do this, open the main menu, go to the “Options” item, and scroll to the “Firefox Update” section. Make sure version 115.0.2 or higher is installed. To ensure that future updates are automatically obtained, check the “Install updates automatically” option.