Reuters
- A security vulnerability of Firefox72 allowed hackers access to the computer of anyone using the browser.
- Firefox users should immediately update to the latest version to fix the vulnerability, according to the US Cybersecurity and Infrastructure Security Agency (CISA), a subset of the Department of Homeland Security.
- The update had only been out a few days when the vulnerability was found.
- Visit Business Insider's homepage for more stories.
A security flaw in Firefox 72 allows hackers to access computer running the browser, MacRumors reported.
The US Cybersecurity and Infrastructure Security Agency (CISA), a subset of the Department of Homeland Security, recommends users immediately update to the newest version. "An attacker could exploit this vulnerability to take control of an affected system," CISA said. "This vulnerability was detected in exploits in the wild."
Mozilla released an update, and wrote in a statement, "We are aware of targeted attacks in the wild abusing this flaw." The update patches the vulnerability, and Firefox users can download it here.
Chinese security company Qihoo found the vulnerability two days after the update was released, according to MacRumors. The vulnerability was a "zero-day," meaning that it was a flaw unknown to the company and affected parties, so they had zero days to prepare or protect themselves. Mozilla has dealt with two other zero-day vulnerabilities recently, both in June of 2019. Both flaws allowed unauthorized people to run malicious code on the Firefox browser, although ZDNet reported that the earlier attacks targeted Coinbase employees, not Firefox users.
Firefox can be updated within Firefox, or on Mozilla's website.