August 7, 2024 at 04:24AM Mozilla and Google released updates for their web browsers, patching a total of 20 vulnerabilities. Google’s Chrome version 127.0.6533.99 fixed six vulnerabilities of various severity, including a critical out-of-bounds memory access issue. Meanwhile, Mozilla’s Firefox version 129 addressed 14 vulnerabilities, 11 of which are rated as high severity. Both companies … Read more
March 25, 2024 at 11:04AM Mozilla quickly patched two critical Firefox zero-day vulnerabilities after they were demonstrated by researcher Manfred Paul at the Pwn2Own event in Vancouver. The bugs, rated “critical,” allowed for out-of-bounds read/write and privileged code execution. Mozilla released Firefox 124.0.1 to address the vulnerabilities, with some users encountering upgrade issues. Paul earned … Read more
March 25, 2024 at 06:18AM Mozilla has released updates for the Firefox browser to fix two zero-day vulnerabilities that were exploited at the Pwn2Own Vancouver 2024 hacking contest. The first vulnerability allows for bypass of range analysis, while the second issue leads to a sandbox escape. Both vulnerabilities are considered critical and were patched in … Read more
March 22, 2024 at 01:52PM Mozilla released security updates to fix two zero-day vulnerabilities in the Firefox web browser exploited during the Pwn2Own Vancouver 2024 hacking competition. Manfred Paul earned $100,000 and 10 Master of Pwn points after exploiting the flaws. Mozilla quickly patched the vulnerabilities in Firefox 124.0.1 and Firefox ESR 115.9.1 to prevent … Read more
January 25, 2024 at 06:48AM Mozilla announced security updates for Firefox and Thunderbird to patch 15 vulnerabilities, including five high-severity flaws. The first flaw could allow memory corruption and potential denial of service or execution of arbitrary code. Other issues include failure to update user input timestamp, unchecked return value in TLS handshake code, and … Read more
December 21, 2023 at 06:06AM Mozilla has revised its position to implement Trusted Types in its Firefox browser, aiming to decrease web attacks relying on injected code. This technology addresses DOM-XSS, reducing the common vulnerability. Still undergoing technical improvements, it’s expected to enhance web security when widely adopted. Tech giants like Google, Meta, and Microsoft … Read more
December 20, 2023 at 10:21AM Mozilla announced security updates for Firefox 121 and Thunderbird 115.6 addressing 21 vulnerabilities, including high-severity issues like WebGL heap buffer overflow, NSS NIST curves vulnerability to Minerva attack, and uninitialized data exposure in EncryptingOutputStream. Both updates also include patches for several memory safety issues. The release notes contain further details. … Read more