This week, Mozilla developers released updated versions of Firefox (72.0.1 and ESR 68.4.1), which fixed a vulnerability already actively used by hackers.

The bug, which received the identifier CVE-2019-17026, was discovered by experts of the Chinese company Qihoo 360, and it was related to the work of IonMonkey – the JavaScript JIT compiler SpiderMonkey, the main component of the Firefox kernel responsible for JavaScript operations (browser JavaScript engine). The vulnerability has been classified as type of confusion.

So far, researchers and developers of Firefox have not reported exactly how the attackers used this problem.

ZDNet reporters noticed that Qihoo 360 experts tweeted that it claimed that 0-day in Firefox was used in conjunction with another zero-day issue in Internet Explorer. But later this entry was deleted, and Microsoft has not yet reported anything about the 0-day vulnerability in their browser.

Twitter:  Rapidsafeguard
Instagram: Rapidsafeguard
Facebook: Theeasyhack
YouTube: Rapidsafeguard
LinkedIn: Rapidsafeguard


Please enter your comment!
Please enter your name here