Update Firefox to Patch Security Vulnerability
Mozilla issued a critical advisory to want users to patch Firefox in order to repair a security vulnerability. Firefox version 57, known as Firefox Quantum, left a vulnerability open. The exploit is in Firefox 57’s user interface code. The exploit made it possible to for a hacker to run unsanitized HTML on a user’s computer. In case you are not familiar with the term, unsanitized HTML, is web browser programming that has not been escaped of special characters and balanced with delimiters. Unsanitized can break an HTML web page and possible expose the database to corruption.
The Firefox vulnerability only affects desktop Firefox browsers. Firefox mobile apps are not affected.
Chrome (not at all related to Google’s browser by the same name) is a Firefox user interface that allows for user customized elements. The customizations are supposed to be confined to the logged in user, however an admin user could affect the entire machine. A hacker logged in as an admin could inject malicious code and hack the computer.
The exploit was present in three past releases for Firefox – 56,57, and Firefox 58. Users should immediately update Firefox Quantum to patch the vulnerability.
Firefox is an open source web browser developed by the Mozilla Foundation. Firefox is the second most popular web browser worldwide. It is second only to Google Chrome.
How do I Update Firefox?
Firefox updates itself by default. If it has not occurred already, users can manually update Firefox by opening the browser and then selecting the hamburger menu in the upper right corner. Select help then About Firefox. Firefox will check for updates on its own and begin to download a patch automatically. If the download does not being, users can download a fresh version here
Michelle writes about cyber security, data privacy focusing on social media privacy as well as how to protect your IoT devices. She has worked in internet technology for over 20 years and owns METRONY, LLC. Michelle earned a B.S. in Engineering from Rensselaer Polytechnic Institute. Michelle published a guide to Cyber Security for Business Travelers