Both Mozilla and US federal agency CISA have issued security advisories concerning Firefox 72 and Firefox ESR, after hackers found and exploited a vulnerability in the browser.
Apparently the vulnerability lies within IonMonkey Firefox’s just-in-time compiler, something that’s designed to speed up the JavaScript performance.
Related: Best VPNs
Malicious parties were actively exploiting a “type confusion” vulnerability found here, which is one of the more common types of security weaknesses associated with browsers. These vulnerabilities can be used and exploited in various ways – to crash computers or to trick users into installing malware, for example.
Mozilla hasn’t confirmed the full details of this particular vulnerability so we’re not sure of the exact details of the bug. At present, it is advising users to update the browser as soon as possible.
“We are aware of targeted attacks in the wild abusing this flaw,” the company has confirmed, underlining just how important it is that you update.
According to the advisory itself, QiHoo 360 ATA, a Chinese internet security firm, was responsible for first spotting and reporting the bug.
This isn’t the first time that Mozilla has been hit by security troubles. Back in June 2019 the company advised people to update their browsers immediately after a zero-day security flaw was found in their browser. Again, this was a security flaw that internet baddies managed to discover and exploit while it was still accessible.
Related: Best antivirus
To make sure that you’re using the latest version of Mozilla Firefox, navigate to the menu while the browser is open and hit the help button. Next, hit ‘About Firefox’ to open up a new window. From here, Firefox should do all the work for you, checking for updates and automatically downloading. Once it’s finished updating you’ll need to restart the browser.
Still stuck? The company has a handy guide for updates here.