Firefox update fixes zero-day vulnerability

The latest update to Firefox (v72.0.1) patched up a ‘type confusion’ vulnerability in Mozilla’s beloved browser.

The zero-day vulnerability impacted IonMonkey, which is a JavaScript JIT compiler for SpiderMonkey.

A ‘type confusion’ exploit manipulates the memory allocation of inputs. An input gets allocated to a certain type of memory space. The type of memory space is then switched, which leads to unwanted consequences and leaves the entire system vulnerable.

This is the third zero-day that the Firefox maker has fixed over the last year after patching up two major security loopholes in June 2019.

The most recent problem was discovered by Chinese cyber-security firm, Qihoo 360.

Qihoo 360 also said in a tweet that Internet Explorer had a similar vulnerability but subsequently removed the post from the social network. Microsoft did not release an update for the browser nor did it issue any statements on the matter.

About author

Luka Arežina

A degree in philosophy left Luka stranded and lost on the job market until an unpaid internship with a cybersecurity company opened his eyes to an exciting and scary new world. He has since held many jobs and filled various positions in publishing, but the problem of online privacy has stuck with him – both philosophically and practically. Luka has combined his prowess at making complicated topics accessible with his passion for data safety. The result is DataProt: a project that helps folks retain the basics of a fundamental human need – privacy.