Advertisement
Top
image credit: Unsplash

Mozilla fixes Firefox zero-days exploited in the wild (CVE-2022-26485, CVE-2022-26486)

March 7, 2022

Via: Help Net Security
Category:

Mozilla has released an out-of-band security update for Firefox, Firefox Focus, and Thunderbird, fixing two critical vulnerabilities (CVE-2022-26485, CVE-2022-26486) exploited by attackers in the wild.

About the vulnerabilities (CVE-2022-26485, CVE-2022-26486)

The two patched zero-days are both memory corruption bugs of the “use-after-free” kind, meaning that they may allow attackers to use memory that has been freed by the program.

Read More on Help Net Security

RELATED PUBLICATIONS

Microsoft confirms memory leak in March Windows Server security update
Mozilla decides Trusted Types is a worthy security feature
Mozilla Warns of Fake Thunderbird Downloads Delivering Ransomware 

Latest Publications

Chinese government website security is often worryingly bad, say Chinese researchers
Indonesia sneakily buys spyware, claims Amnesty International
97% of security leaders have increased SaaS security budgets
Security Curated Copyright © 2024. All rights reserved
Go to ITCurated!