Firefox users need to patch their browsers. Hackers have been exploiting a serious bug in the software, which can be used to take over the entire computer.
The US Cybersecurity and Infrastructure Security Agency has also issued an advisory, which warns, “an attacker could exploit this vulnerability to take control of an affected system.” Indeed, past type confusion flaws in software have been known to let hackers remotely execute code over a computer, which can pave the way for additional malware to be installed over an affected system.
Mozilla has patched the flaw with Firefox 67.0.3, which you can download over the company’s website. It’s also releasing the update automatically over the browser. To check if your browser has the update, go to “Firefox” on the menu bar, and then select “About Firefox.” A new window should open that’ll prompt the browser to download the latest version if it hasn’t already been installed.
The same flaw was found in Firefox ESR, which is designed for large organizations such as businesses and schools. Affected users can patch their systems by downloading Firefox ESR 60.7.1.
Security researchers with Google and the cryptocurrency exchange Coinbase discovered the Firefox flaw.