Skip to main content

Public advisory of scammers impersonating CSA and the SPF

Stay vigilant. Read the public advisory

Cyber Security Agency of Singapore
  1. Home
  2. Alerts & Advisories
  3. Alerts
  4. Critical Vulnerabilities in Mozilla Firefox and Firefox ESR
Alerts

Critical Vulnerabilities in Mozilla Firefox and Firefox ESR

6 April 2020

Mozilla has released Firefox version 74.0.1 and Firefox Extended Support Release (ESR) 68.6.1 to address two critical vulnerabilities (CVE-2020-6819 and CVE-2020-6820). There are reports of targeted attacks exploiting these vulnerabilities. 

These vulnerabilities exist due to use-after-free errors in Firefox browser components. Successful exploitation of these vulnerabilities could corrupt memory and allow an attacker to execute arbitrary code.

Users of affected products are advised to install the latest security updates immediately. All users are encouraged to enable the automatic update function to ensure prompt software updates are performed.

More information is available at:

https://www.mozilla.org/en-US/security/advisories/mfsa2020-11/

https://www.bleepingcomputer.com/news/security/mozilla-patches-two-actively-exploited-firefox-zero-days/

Back to top