March 28, 2024
Headlines

Mozilla fixes two critical security issues in Firefox and Thunderbird

Miners Hashrate04 mins
actualización de seguridad de firefox 100.0.2

Mozilla fixes two critical security issues in Firefox and Thunderbird

Contents hide
1 What is your reaction?
2 Related posts:

Mozilla released updates for its Firefox and Firefox ESR web browsers on May 20, 2022. The Thunderbird development team also released a patch for the email client. The security updates fix two critical security issues in the Firefox and Thunderbird web browser.

Here is the list of products with updates:

  • Firefox 100.0.2
  • Firefox ESR 91.9.1
  • Firefox para Android 100.3
  • Thunderbird 91.9.1

Updates are now available and most user installations will update automatically. Desktop users who don’t want to wait for that to happen can run a manual update check to speed up the installation.

  • Firefox: Select Menu > Help > About Firefox. Firefox runs a manual update check. Any updates found will be downloaded and installed.
  • thunder bird: Select Help > About Thunderbird. Thunderbird will also check for updates and install any that it finds.
Read This Now:   A megayacht with a giant observatory resembling a black hole

Note: Firefox for Android is updated through Google Play. There is no option to speed up the delivery of updates on Android through Google Play.

He official release notes list a single entry confirming the security nature of the update. Mozilla has released a security advisory for all affected versions of the web browser providing additional details about the issues:

There, users discover that two security issues have been fixed in the update. Both issues are rated critical, the highest severity rating available. Manfred Paul informed Mozilla through Trend Micro’s Zero Day initiative.

CVE-2022-1802: Contamination prototype in Top-Level Await implementation

If an attacker was able to corrupt the methods of an Array object in JavaScript through prototype contamination, they could have succeeded in executing attacker-controlled JavaScript code in a privileged context.

CVE-2022-1529: Untrusted input used in JavaScript object indexing, leading to prototype contamination

An attacker could have sent a message to the main process where the contents were used to double-index into a JavaScript object, leading to prototype contamination and ultimately attacker-controlled JavaScript execution in the main process privileged.

Linked bug reports are restricted. Mozilla does not mention attacks in the wild that target these vulnerabilities.

Read This Now:   19

Firefox and Thunderbird users may want to update their applications quickly to protect against attacks targeting these issues.

Now you: When do you update your apps?

advertising









Related posts:

Google’s Self-Designed Tensor Chips will Power Its Next Apple Unveils Smartwatch With a Focus on Fitness FSP T-Wings, a box to mount two PCs at onceFSP T-Wings, a box to mount two PCs at once PS5 and Xbox Series X SSDs will surpass PC NVMePS5 and Xbox Series X SSDs will surpass PC NVMe new 32GB DDR4 memories with ultra low latencynew 32GB DDR4 memories with ultra low latency WQHD IP monitor of 27 inches and 170 HzWQHD IP monitor of 27 inches and 170 Hz

Related News


Notice: ob_end_flush(): failed to send buffer of zlib output compression (1) in /home/gamefeve/bitcoinminershashrate.com/wp-includes/functions.php on line 5373

Notice: ob_end_flush(): failed to send buffer of zlib output compression (1) in /home/gamefeve/bitcoinminershashrate.com/wp-includes/functions.php on line 5373