Mozilla Releases Firefox 72, Addresses 0-Day Exploit

Posted on January 10, 2020 by Paul Thurrott in Mozilla Firefox with 4 Comments

Mozilla’s release of Firefox 72 this week was somewhat dampened by the fact that it includes a patch for a 0-day vulnerability in the browser.

“There’s a new Firefox release to try out,” Mozilla’s Chris Mills writes in the announcement post. “Version 72 to be exact.”

Thanks to its new four-week release cycle, Firefox 72 arrives with fewer new features than some previous releases, but it does lessen permission spam and include many new developer features. And if you’re using macOS or Linux, Firefox 72 includes the picture-in-picture (PIP) functionality for videos that debuted in the previous release on Windows.

Unfortunately, Firefox 72 also necessitated a patch for a 0-day flaw in the browser that is being exploited by hackers, so users are warned to upgrade as soon as possible. “We are aware of targeted attacks in the wild abusing this flaw,” a Mozilla security advisory admits. The flaw is present in at least several versions of Firefox, but Mozilla isn’t providing that information.

“Mozilla has released security updates to address a vulnerability in Firefox,” a U.S. Department of Homeland Security warnings explains. “An attacker could exploit this vulnerability to take control of an affected system.”

Elevate the Conversation!

Join Thurrott Premium to enjoy our Premium comments.

Premium member comments on news posts will feature an elevated status that increases their visibility. This tab would allow you to participate in Premium comments with other premium members. Register to join the other Premium members in elevating the conversation!

Register or Subscribe

Join the discussion!

BECOME A THURROTT MEMBER:

Don't have a login but want to join the conversation? Become a Thurrott Premium or Basic User to participate

Register