Popular web browser, Mozilla Firefox has reportedly released security updates on its Firefox 67.0.3 and Firefox ESR 60.7.1 to fix a critical bug which hackers actively exploited to target cryptocurrency users.
Coinbase Security and Google Project Zero’s Samuel Groß was the first to discover the zero-day exploit bug on Mozilla before the browser company confirmed and rated it as a “Critical Impact — Vulnerability.”
“Hackers could run an attackers code as well as install software using just normal browsing,” Mozilla wrote.
For the basics, a “zero-day exploit” is a critical vulnerability in the security of systems. As soon as a “zero-day exploit” is discovered, it is crucial that patches are released and also essential that browser users download the patch as well as update their browsers.
The reason for that is because information about the system becomes known to third parties even before developers release the patch. However, with the patch expected to have 0 days in stock to eliminate the defect, the Mozilla team released a patch in Firefox version 67.0.3 yesterday.
For those still running an unpatched version of Firefox, attackers can always inject a bug into their system through malicious web pages if they visit any while unprotected.
Additionally, Mozilla noted that “users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.”
Meanwhile, this is not the first time Mozilla is experiencing such a problem. In 2016, a problem similar to the “zero-day exploit” was discovered. However, information on the vulnerability was kept hidden from public knowledge to prevent such an attack from reoccurring.
While Mozilla precisely called on cryptocurrency users to be careful as there is an increase in crypto related attacks, all Firefox users are advised to update their browsers as soon as possible.
Read original at Coinfomania
Author: Rebecca Asseh