The latest version of Firefox fixes a total of 32 vulnerabilities in the browser, including one critical bug that results in a potentially exploitable crash.
According to Mozilla’s security advisory, the critical flaw (CVE-2017-5472) is a use-after-free vulnerability. The flaw was discovered by Nils, a longtime bug hunter, during tree reconstruction while regenerating CSS layout when attempting to use a node in the tree that didn’t exist, according to a report by Threat Post.
Twelve other vulnerabilities that received a “high” severity rating by Mozilla were also addressed with the update, which included three additional use-after-free bugs, and others found in the content viewer and video control operations.
Additionally, four vulnerabilities that could lead to address bar spoofing were also patched.