Firefox’s parent company Mozilla just pushed out a critical zero-day exploit patch to its browser. The California based company has confirmed (via The Next Web) that the exploit was used in targeted attacks, and it has urged users to update immediately.
The exploit takes advantage of “incorrect alias information in IonMonkey JIT compiler.” Chinese cybersecurity firm Qihoo 360 reported the vulnerability. Mozilla did not reveal precisely how attackers have taken advantage of the exploit, but the US Cybersecurity and Infrastructure Security Agency claims an attacker could exploit it to take control of a user’s system.
Related: 10 best security apps for Android
The CISA operates under the oversight of the US Department of Homeland Security, and it joins Mozilla in urging users to update Firefox as soon as possible. Mozilla pushed the patch out to versions 72.0.1 and ESR 68.4.1, so your browser is secure as long as you are on one of these.
How to update Firefox browser to avoid zero-day exploit
To update the desktop version of Firefox, navigate to the drop-down menu in the top-right corner. From here, navigate to Help > About Firefox to see your current version. It will then ask you to restart your browser to finish the update.
To update the mobile version, tap the three dots at the top-right of the browser. Then, navigate to Settings > Mozilla Firefox > About Firefox to see your current version. You can check for any updates by heading to the Firefox download page in the Google Play Store or by clicking the link below.