Patch/Configuration Management, Cloud Security

Mozilla, Google issue fixes for browser vulnerabilities

Several security vulnerabilities impacting Mozilla Firefox and Google Chrome have been patched as part of software updates, according to SecurityWeek. Mozilla has addressed 11 bugs with its Firefox 119 update, which featured fixes for three high-severity flaws, including the insufficient activation-delay vulnerability, tracked as CVE-2023-5721, which could be exploited to facilitate clickjacking attacks, and memory safety bugs, tracked as CVE-2023-5730 and CVE-2023-5731, which could be leveraged for arbitrary code execution. Seven other medium-severity flaws were also remediated in Firefox 119. Moreover, fixes for CVE-2023-5721, CVE-2023-5730, and six other bugs addressed in Firefox 119 were also included in Firefox ESR 115.4 and Thunderbird 115.4.1. On the other hand, Google has released an update to patch two Chrome vulnerabilities, one of which was a high-severity use-after-free bug identified within Profiles. Attackers could leverage the flaw, tracked as CVE-2023-5472, to enable code execution activities but there has been no evidence suggesting any active exploitation, according to Google.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.