There have been reports of Firefox users becoming victims of a zero-day exploit in the browser. Mozilla has now rolled out the Firefox 131.0.2 update to plug up the security hole.

The second zero-day exploited in this campaign is a privilege escalation flaw (CVE-2024-49039) in the Windows Task Scheduler service, allowing attackers to execute code outside the Firefox sandbox.

Yesterday, Mozilla released the Firefox 131.0.2 update in response to reports that Firefox users are actively being hit by a zero-day vulnerability in the browser.

Further analysis revealed another zero-day vulnerability in Windows: a privilege escalation bug, now assigned CVE‑2024‑49039, that allows code to run outside of Firefox’s sandbox.

Zero-days discovered in Firefox. Both zero-day exploits discovered at Pwn2Own Berlin are out-of-bounds flaws that allow attackers to read or write data, potentially gaining access to sensitive ...

Kaspersky recently uncovered a zero-day vulnerability in Google Chrome Mozilla now says it has found a similar issue in Firefox The bug was used to target Russian targets in a cyber-espionage ...

There’s a new zero-day exploit for some of the world’s most popular software out there, and according to Google, it’s being actively attacked in the wild. Google’s security research says ...

Zero-day exploits are at an all-time high. After what some called a “hot zero-day summer,” which saw a frenzy of security patches follow a torrent of newly discovered software vulnerabilities, the ...