Firefox update fixes zero-day vulnerability
The latest update to Firefox (v72.0.1) patched up a ‘type confusion’ vulnerability in Mozilla’s beloved browser.
The zero-day vulnerability impacted IonMonkey, which is a JavaScript JIT compiler for SpiderMonkey.
A ‘type confusion’ exploit manipulates the memory allocation of inputs. An input gets allocated to a certain type of memory space. The type of memory space is then switched, which leads to unwanted consequences and leaves the entire system vulnerable.
This is the third zero-day that the Firefox maker has fixed over the last year after patching up two major security loopholes in June 2019.
The most recent problem was discovered by Chinese cyber-security firm, Qihoo 360.
Qihoo 360 also said in a tweet that Internet Explorer had a similar vulnerability but subsequently removed the post from the social network. Microsoft did not release an update for the browser nor did it issue any statements on the matter.