Content

Mozilla Patches 32 Vulnerabilities in Firefox

By Marcos Colon

The latest version of Firefox fixes a total of 32 vulnerabilities in the browser, including one critical bug that results in a potentially exploitable crash.

According to Mozilla’s security advisory, the critical flaw (CVE-2017-5472) is a use-after-free vulnerability. The flaw was discovered by Nils, a longtime bug hunter, during tree reconstruction while regenerating CSS layout when attempting to use a node in the tree that didn’t exist, according to a report by Threat Post.

Twelve other vulnerabilities that received a “high” severity rating by Mozilla were also addressed with the update, which included three additional use-after-free bugs, and others found in the content viewer and video control operations.

Additionally, four vulnerabilities that could lead to address bar spoofing were also patched.  

Related

DevSecOps Scanning Challenges & Tips

There are many ways to do DevSecOps, and each organization — each security team, even — uses a different approach. Questions such as how many environments you have and the frequency of deployment of those environments are important in understanding how to integrate a security scanner into your DevSecOps machinery. The ultimate goal is speed […]

It Should Be ‘Cybersecurity Culture Month’

It’s Cybersecurity Awareness Month, but security awareness is about much more than just dedicating a month to a few activities. Security awareness is a journey, requiring motivation along the way. And culture. Especially culture.That’s the point Proofpoint Cybersecurity Evangelist Brian Reed drove home in a recent appearance on Business Security Weekly.“If your security awareness program […]

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.