Mozilla Patches 32 Vulnerabilities in Firefox

By Marcos Colon

The latest version of Firefox fixes a total of 32 vulnerabilities in the browser, including one critical bug that results in a potentially exploitable crash.

According to Mozilla’s security advisory, the critical flaw (CVE-2017-5472) is a use-after-free vulnerability. The flaw was discovered by Nils, a longtime bug hunter, during tree reconstruction while regenerating CSS layout when attempting to use a node in the tree that didn’t exist, according to a report by Threat Post.

Twelve other vulnerabilities that received a “high” severity rating by Mozilla were also addressed with the update, which included three additional use-after-free bugs, and others found in the content viewer and video control operations.

Additionally, four vulnerabilities that could lead to address bar spoofing were also patched.  

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.