Firefox users should update their browsers immediately to fix a critical zero-day vulnerability. Anyone using Firefox on a Windows, macOS or Linux desktop is at risk. Mozilla issued a patch Tuesday; however, the vulnerability was found by Samuel Groß of Google Project Zero on April 15. Mozilla implemented the fix after cryptocurrency exchange Coinbase reported exploitation of the vulnerability in targeted spearphishing attacks. Hackers have been going after cryptocurrency with a vengeance.
“On Monday, June 17, 2019, Coinbase reported a vulnerability used as part of targeted attacks for a spear phishing campaign,” Selena Deckelmann, senior director of Firefox Browser Engineering, told Threatpost. “In less than 24 hours, we released a fix for the exploit.”
The flaw was discovered by Samuel Groß of Google Project Zero and the Coinbase Security team. In a Twitter thread, Groß said he found and reported the vulnerability on April 15 and that the first public fix was deployed “about a week ago.”
“The bug can be exploited for RCE [remote code execution] but would then need a separate sandbox escape,” Groß said on Twitter. “However, most likely it can also be exploited for UXSS [universal cross-site scripting] which might be enough depending on the attacker’s goals.”
“We walked back the entire attack, recovered and reported the 0-day to Firefox, pulled apart the malware and infra used in the attack and are working with various organizations to continue burning down attacker infrastructure and digging into the attacker involved,” he said on Twitter.
On Twitter, Groß said he didn’t have any insights into the active exploitation of the flaw.
Recently, Mozilla has been stomping out critical flaws in its Firefox browser. In May, Mozilla patched several critical vulnerabilities with the release of its Firefox 67 browser. The worst of the bugs patched were two memory safety flaws that could allow attackers to take control of an affected system, according to a security bulletin issued by the United States Computer Emergency Readiness Team.
This story was updated on June 19 at 10 am ET with Mozilla comments, and on June 20 at 9 am ET with further information about the active exploitation attacks.