Beware of this Firefox security flaw!

What happened!?

Firefox parent company, Mozilla, released an emergency Firefox update with a warning this week. The update comes after the software giant discovered a serious security vulnerability. They said the vulnerability makes it possible for attackers to take control of users’ computers.

Am I safe?

The issue is within desktop versions of the browser, which includes Firefox ESR. Firefox ESR is mainly used by ‘system administrators’. This means those who control ‘desktop environments’ in large organizations like schools, offices, governments, etc… So unless you use a desktop version you aren’t at risk.

However Mozilla are yet to release the specific details of the problem. Or even how they were made aware of it.

This means we don’t know how many were affected by the issue. However they do give credit to a Chinese internet security firm for discovering it.

What do we know?

Tech expert site ARS Technica describe the breach as “…a type confusion. A potentially critical error that can result in data being written to / read from memory locations that are normally off-limits.”

By accessing these memory locations it allows attackers to discover areas where malicious code is stored. They can also bypass systems designed to randomise these locations.

With this ability hackers could crash entire systems. This would obviously be disastrous if it happened within a hospital or government system that uses Firefox.

What should I do to stay safe?

If you have been using the Desktop version of Firefox you should immediately update your software.

You should:

Many assume that antivirus can protect from all security breaches, but this obviously that isn’t the case! That’s why it’s important to keep all software and mobile apps up to date with the latest update releases.

Sure they’re annoying and too frequent, but there’s always a reason for them!