In an eyebrow raising announcement, users of Mozilla’s Firefox browser are urgently warned to upgrade to Firefox 72.0.1, Firefox Extended Support Release (ESR) 68.4.1, and Thunderbird 68.4.1 (which uses the Firefox engine) or later right away.
All software has bugs, and Mozilla’s software is no exception. Also, bad guys will ruin everything on the Internet.
What makes this warning from the United States Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) so important is that there are active attacks being made on Firefox compromised websites that have been infected with malicious web pages. Once an unpatched version of Firefox is successfully exploited, an attacker will be able to gain control over the Mac or Windows PC that the browser is running on.
The CISA cybersecurity warning reads:
“Mozilla has released security updates to address a vulnerability in Firefox, Firefox ESR, and Thunderbird. An attacker could exploit this vulnerability to take control of an affected system. This vulnerability was detected in exploits in the wild.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Mozilla Security Advisories for Firefox 72.0.1 and Firefox ESR 68.4.1 and Thunderbird 68.4.1 and apply the necessary updates.”
Mozilla has provided directions for upgrading your copy of Firefox to the latest release on their support website.
Keep yourself safe. Apply this update, even if you normally do not like to apply software patches and upgrades.