The United States Cybersecurity and Infrastructure Agency (CISA) this week urged customers who are using the Firefox browser to upgrade to version 72.0.1, as there is a major vulnerability that could allow attackers to take control of affected computers.
Mozilla has released security updates to address a vulnerability in Firefox and Firefox ESR.
The Cybersecurity and Infrastructure Security Agency (CISA), part of the Department of Homeland Security encourages users and administrators to review the Mozilla Security Advisory for Firefox 72.0.1 and Firefox ESR 68.4.1 and apply the necessary updates.
The vulnerability was first discovered by Chinese company Qihoo 360 two days after the release of Firefox 72, but there is no word on how long the bug has been exploited nor who used the vulnerability or who might have been targeted. This is the third zero-day vulnerability that Mozilla has addressed within the last year, with the company patching two other major vulnerabilities in June 2019.
To update Firefox, users can open the browser, click on the Firefox menu, then on About Firefox. This will start the update.