Zero-day vulnerability found in Firefox browser – Update now!

ByCraig Haley

A serious zero-day vulnerability has been found in the popular Firefox browser and users are advised to ensure that they have the latest version installed.

The vulnerability could allow crooks to automatically execute malicious code inside the victim’s browser when they visit an affected webpage, which could then lead to any number of different scams. This exploit is particularly serious since no user interaction is required (other than visiting an affected webpage) to be at risk of being a victim.

That’s bad. In fact, serious zero-day exploits found in popular web browsers are comparatively rare. The last time Mozilla [Firefox] had to patch a zero-day exploit was back in 2016.

What’s a zero day vulnerability?

A zero-day vulnerability is a vulnerability that is already being exploited by the bad guys before the good guys even knew of its existence. The “zero-day” part refers to the number of days the good guys (i.e. the developers) had to fix the vulnerability before crooks would try and exploit it. Obviously, if the bad guys are already using it to attack victims before the good guys even knew about it, that number is going to be zero.


Sponsored Content. Continued below...




What should I do?

Simply, make sure Firefox is up-to-date. You should have version 67.0.3 or above. Luckily updating Firefox is easy peasy, since it checks for updates each time you start it and should apply them. If you’re not sure or want to force Firefox to update, simply click the three lined “hamburger” icon on the top right and select Help and then About Firefox. Then restart the browser.

That will force the browser to check for any updates as well as tell you what version you’re currently using. Don’t use the browser until it is up-to-date.

How is the zero-day vulnerability being exploited?

Mozilla, the developer of Firefox, has said they’ve seen reports on crooks using this zero-day already, but there are little details on exactly how that is happening. Fortunately this vulnerability isn’t serious enough to give crooks access to a victim’s entire device (at least not by itself) but there are still a number of scams crooks could potentially pull off by exploiting this vulnerability alone.

Keep up-to-date with all the latest cybersecurity threats and our tips to stay safe online. Follow us on Facebook, Instagram and Twitter.

Continued below...


Thanks for reading! But before you go… as part of our latest series of articles on how to earn a little extra cash using the Internet (without getting scammed) we have been looking into how you can earn gift vouchers (like Amazon vouchers) using reward-per-action websites such as SwagBucks. If you are interested we even have our own sign-up code to get you started. Want to learn more? We discuss it here. (Or you can just sign-up here and use code Nonsense70SB when registering.)

Become a Facebook Supporter. For 0.99p (~$1.30) a month you can become a Facebook fan, meaning you get an optional Supporter Badge when you comment on our Facebook posts, as well as discounts on our merchandise. You can subscribe here (cancel anytime.)