Affiliate Disclosure
If you buy through our links, we may get a commission. Read our ethics policy.

Update Firefox now, because the Department of Homeland Security is telling you to

William Gallagher |

Mozilla Firefox

A recent release of Firefox had a bug severe enough, that the US government is telling everyone to update to guarantee online safety.

Mozilla has issued an update to its Firefox browser that fixes a critical security issue that could allow attackers to take control of affected computers. The issue has previously not been reported, but according to the Department of Homeland Security, it was already being exploited in attacks.

To update Firefox, users can open the browser, click on the Firefox menu, then on About Firefox. This will start the update.

Alternatively, users can visit the official site to download Firefox.

"Mozilla has released security updates to address a vulnerability in Firefox and Firefox ESR," wrote the US Department's Cyber-Infrastructure (CISA) division in a statement. "An attacker could exploit this vulnerability to take control of an affected system. This vulnerability was detected in exploits in the wild."

"[The CISA] encourages users and administrators to review the Mozilla Security Advisory for Firefox 72.0.1 and Firefox ESR 68.4.1 and apply the necessary updates," it concludes.

Choosing Choosing "About Firefox" will either start the update or, as here, show you when the latest one has been successfully installed

Firefox ESR is the version of the browser built for enterprise customers.

Mozilla's advisory for both this and the regular Firefox edition repeats the information that "we are aware of targeted attacks in the wild abusing this flaw."

In May 2019, Mozilla also required users to update Firefox following multiple failures with browser extensions.

30 Comments

ihatescreennames 19 Years · 1977 comments
About

Yeah, update now! Because having a "critical security issue that could allow attackers to take control of affected computers" that was previously unreported sounds like a great selling point. Yeesh.

Maybe delete Firefox and switch to a different browser. 

Soli 9 Years · 9981 comments
About

Yeah, update now! Because having a "critical security issue that could allow attackers to take control of affected computers" that was previously unreported sounds like a great selling point. Yeesh.

Maybe delete Firefox and switch to a different browser. 

Whose to say that any other browser doesn't have severe exploits used by those with nefarious intentions? I say just update your browser and access the internet wisely.

Apple has certainly had their share of critical bugs. How many years was Apple's "goto fail" bug present? Any captured SSL traffic could've been read which means for years your secure traffic was as good as plaintext for any person or agency that knew how to read it. That even includes after the fact for rooting through data dumps to peak at private information, which is why (for one) had to go change every password in my password manager after this bug was discovered and patched.

dewme 10 Years · 5775 comments
About

Firefox sure likes to talk the talk when it comes to security. It’s too bad they can’t back up their bravado with real world performance. Yeah, everything that depends on humans is inherently vulnerable to flaws and failures, which is why they should be a little less bold in their claims of providing a secure browsing experience. If they and all other apps that make bold statements about the security were forthright they’d simply state “we’ll try our best” when setting expectations. 

Wgkrueger 8 Years · 352 comments
About

Yeah, update now! Because having a "critical security issue that could allow attackers to take control of affected computers" that was previously unreported sounds like a great selling point. Yeesh.

Maybe delete Firefox and switch to a different browser. 

 Firefox zero-days are pretty rare. The last one was reported in December 2016”

EsquireCats 8 Years · 1268 comments
About

Soli said:
Yeah, update now! Because having a "critical security issue that could allow attackers to take control of affected computers" that was previously unreported sounds like a great selling point. Yeesh.

Maybe delete Firefox and switch to a different browser. 
Whose to say that any other browser doesn't have severe exploits used by those with nefarious intentions? I say just update your browser and access the internet wisely.

Apple has certainly had their share of critical bugs. How many years was Apple's "goto fail" bug present? Any captured SSL traffic could've been read which means for years your secure traffic was as good as plaintext for any person or agency that knew how to read it. That even includes after the fact for rooting through data dumps to peak at private information, which is why (for one) had to go change every password in my password manager after this bug was discovered and patched.

Are you changing all of your passwords now too?

Read More on our Forums ->
 

Sponsored Content

article thumbnail

How to stop spam calls and reclaim some sanity on your iPhone

Top Stories

article thumbnail

How Apple's smart home revolution begins in 2025

article thumbnail

AirPods Max four years later: a missed spatial computing opportunity

article thumbnail

Apple says EU interoperability laws pose severe privacy risks

article thumbnail

Don't believe what you see on TikTok - AirDrop doesn't allow thieves to steal your credit card info

article thumbnail

Holiday 2024 MacBook Buyer's Guide — Which Mac laptop you should buy?

article thumbnail

Holiday coupon: save up to $300 on every 14" & 16" MacBook Pro M4