Active Stocks
Mon Nov 04 2024 15:56:39
  1. Tata Steel share price
  2. 146.95 -1.84%
  1. Reliance Industries share price
  2. 1,302.00 -2.77%
  1. Tata Motors share price
  2. 824.10 -2.31%
  1. ICICI Bank share price
  2. 1,276.40 -1.21%
  1. ITC share price
  2. 484.70 -1.19%
Business News/ Technology / Mozilla Firefox users beware! Here's what you should do after high severity warning from Indian govt
BackBack

Mozilla Firefox users beware! Here's what you should do after high severity warning from Indian govt

CERT-In alerts users about multiple vulnerabilities in Mozilla Firefox and Thunderbird, affecting earlier versions. These flaws could allow remote code execution. Mozilla has responded with an urgent update for Firefox to mitigate a serious zero-day vulnerability.

FILE PHOTO: The Firefox logo is seen at a Mozilla stand during the Mobile World Congress in Barcelona, February 28, 2013. REUTERS/Albert Gea/File Photo (REUTERS)Premium
FILE PHOTO: The Firefox logo is seen at a Mozilla stand during the Mobile World Congress in Barcelona, February 28, 2013. REUTERS/Albert Gea/File Photo (REUTERS)

Computer Emergency Response Team (CERT-In), the cyber security watchdog under the Ministry of Electronics and Information Technology (MeitY), has issued a high severity warning for Mozilla Firefox and Mozilla Thunderbird. The alert states that multiple vulnerabilities have been found on Mozilla products that could be used by an attacker in order to executed an arbitrary code on the user's system. 

As per CERT-In, the vulnerabilities affect Mozilla Firefox versions prior to Firefox 131, Firefox ESR version 128.3 and 115,16 and Firefox Thunderbird versions perior to 128.3 and 131. 

Revealing the behind the vulnerabilities, CERT-In noted, “These vulnerabilities exist in Mozilla Firefox due to Prevention of users from exiting full-screen mode in Firefox Focus for Android; Bypass of site isolation by Compromised content process; Cross-origin access to PDF and JSON contents through multipart responses; Obscuring of download type through Specially crafted filename; Potential memory corruption through cloning certain objects; Potential directory upload bypass via clickjacking; Enumeration of External protocol handlers via popups; Denial of service through Specially crafted WebTransport request; Potential memory corruption during JIT compilation and Memory safety bugs"

Concerningly, the agency noted that these vulnerabilities could be exploited by a remote attacker to convince a victim to open a specially crafted web request. 

Mozilla accepts vulnerabilities with Firefox: 

Meanwhile, Mozilla also rolled out an emergency update to fix its zero day vulnerability with the Firefox 131.0.2 update. In a security advisory report on its website, Mozilla said that the vulnerability was related to use after free CSS animations which could be used by a cybercriminal to execute malicious code on the user's system.

How to update Mozilla Firefox to the latest version? 

1) Open the Firefox menu by clicking on the hamburger like sign on the top right cornrer

2) Click on help

3) Click on About Firefox

4) Check for updates and install them

 

 

3.6 Crore Indians visited in a single day choosing us as India's undisputed platform for General Election Results. Explore the latest updates here!

Catch all the Technology News and Updates on Live Mint. Download The Mint News App to get Daily Market Updates & Live Business News.
More Less
Published: 11 Oct 2024, 10:01 AM IST
Next Story footLogo
Recommended For You