Mozilla Pounces On New Firefox Zero-Day Exploit
Vulnerability discovered in Firefox 3.0.x browsers considered critical
A zero-day exploit for Firefox was unleashed online yesterday, but Mozilla didn't waste any time before patching for the critical vulnerability it abuses: The open-source group now has a patch ready for the flaw that will ship with the next Firefox update on April 1.
The researcher who discovered the vulnerability yesterday released with it proof-of-concept code. Mozilla developers jumped on it right away, coming up with a fix.
The flaw is a remote memory corruption vulnerability that affects all versions of Firefox 3.0.x, and could let an attacker execute malware on a victim's machine or crash the browser, according to the vulnerability report. The user would have to be lured into viewing a malicious file with his Firefox browser.
Johnathan Nightingale, whose title at Mozilla is "human shield," says so far Mozilla hasn't seen signs of an exploit in the wild for the bug.
The vulnerability affects Windows, OS X, and Linux versions of Firefox 3.0.x.
Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message
About the Author(s)
You May Also Like
Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024Where and Why Threat Intelligence Makes Sense for Your Enterprise Security Strategy
May 15, 2024Safeguarding Political Campaigns: Defending Against Mass Phishing Attacks
May 16, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024