Mozilla Firefox 67.0.3 Patches Actively Exploited Zero-Day


Mozilla Firefox 67.0.3 Patches Actively Exploited Zero-Day (Jun 19, 2019)

Mozilla has released two updates for its Firefox web browser to patch a critical zero-day vulnerability registered as, CVE-2019-11707. The vulnerability can be exploited by threat actors to execute code remotely to gain complete control of a vulnerable system. Actors could inject malicious code in the Javascript of a site and trick users of unpatched versions to run the code on their system.

Recommendation: The patched update for Firefox should be applied as soon as possible due to the high criticality rating of this vulnerability and for the potential for an actor to take complete control of an affected system. In addition, your company should have policies in place to review and apply security updates for software in use to protect against known vulnerabilities that threat actors may exploit.

Indicators of Compromise (IOCs) associated with this story can be viewed by ThreatStream users here to identify potential malicious activity.