Mozilla Releases Firefox 100.0.2 With Critical Security Fixes

Mozilla has just released a new Firefox version, and this time, the minor revision is actually pretty big news when it comes to security.

This is because the brand new update, that can bring the browser to version 100.0.2, includes two critical security fixes, because of this, everyone is recommended to set up it as being soon as possible.

Mozilla has flagged both security fixes having a critical severity rating, revealing these were reported by researcher Manfred Paul of Trend Micro’s Zero Day initiative.

The very first bug is really a prototype pollution in Top-Level Audit implementation.

“If an attacker was able to corrupt the methods of the Array object in JavaScript via prototype pollution, they might have achieved execution of attacker-controlled JavaScript code in a privileged context,” Mozilla says.

The second vulnerability, which is documented in CVE-2022-1529, is definitely an untrusted input utilized in Javascript object indexing, and Mozilla says it also results in prototype pollution.

“An attacker could have sent a message towards the parent process where the contents were utilised to double-index into a JavaScript object, leading to prototype pollution and eventually attacker-controlled JavaScript executing in the privileged parent process,” the company says.

Update Firefox ASAP

As stated, all users are recommended to update to the latest Firefox version as soon as possible, especially given the security implications.

Right now, Firefox is the only big non-Chromium browser on the market, and it’s seen by many because the alternative to the domination of Google Chrome. However, third-party statistics have says while Google’s browser may be the number one choice out there, having a market share of nearly 70 %, the runner-up place happens to be of Microsoft Edge.

Microsoft’s new browser, also running on Chromium, is now the default choice in Windows 10 and Windows 11, but it’s also available alternatively platforms, including Linux and macOS.

Leave a comment

Your email address will not be published. Required fields are marked *