Still running Firefox 64.x?
If so, you’d better consider upgrading your browser.
There are several HTML5-based security holes that can be used to get malicious code executed on your machine. The main vector is MITM attacks. Fixes are already available.
Mozilla has released updates: the business browser is now at 60.5 ESR, and the classic Firefox has been updated to version 65. Tor Browser has also been updated, as it is based on Firefox ESR.
So grab the updates while you can as the security holes might soon be used to do bad things.
And as always: Don’t click on links you’re not familiar with, and if you smell fraud, don’t go any further.
The use of add-ons such as NoScript may also prevent some scripted damage to your machine.
And last but not least: Have your virus scanner updated and on guard!
The HTML5 security hole is described as follows:
CVE-2018-18500: Use-after-free parsing HTML5 stream
A use-after-free vulnerability can occur while parsing an HTML5 stream in concert with custom HTML elements. This results in the stream parser object being freed while still in use, leading to a potentially exploitable crash.
There’s another bug that has been squashed. A memory buffer overflow could lead to background execution of arbitrary code:
CVE-2018-18502: Memory safety bugs fixed in Firefox 65
Mozilla developers and community members Arthur Iakab, Christoph Diehl, Christian Holler, Kalel, Emilio Cobos Álvarez, Cristina Coroiu, Noemi Erli, Natalia Csoregi, Julian Seward, Gary Kwong, Tyson Smith, Yaron Tausky, and Ronald Crane reported memory safety bugs present in Firefox 64. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code.