Firefox Update Fixes Zero-Day Vulnerability

Firefox Update Fixes Zero-Day Vulnerability Featured Image
Ivana Vojinovic Image
Published:

January 09,2020

DataProt is supported by its audience. When you buy through links on our site, we may earn a commission. This, however, does not influence the evaluations in our reviews. Learn More.

The latest update to Firefox (v72.0.1) patched up a ‘type confusion’ vulnerability in Mozilla’s beloved browser.

The zero-day vulnerability impacted IonMonkey, which is a JavaScript JIT compiler for SpiderMonkey.  

A ‘type confusion’ exploit manipulates the memory allocation of inputs. An input gets allocated to a certain type of memory space. The type of memory space is then switched, which leads to unwanted consequences and leaves the entire system vulnerable.

This is the third zero-day that the Firefox maker has fixed over the last year after patching up two major security loopholes in June 2019.  

The most recent problem was discovered by Chinese cyber-security firm, Qihoo 360.

Qihoo 360 also said in a tweet that Internet Explorer had a similar vulnerability but subsequently removed the post from the social network. Microsoft did not release an update for the browser nor did it issue any statements on the matter.

There are no comments yet
Leave your comment

Your email address will not be published.*