Firefox gets patch for critical zeroday that’s being actively exploited

Using Firefox? Patch now…

Mozilla has released a new version of Firefox that fixes an actively exploited zeroday that could allow attackers to take control of users’ computers.

In an advisory, Mozilla rated the vulnerability critical and said it was “aware of targeted attacks in the wild abusing this flaw.” The US Cybersecurity and Infrastructure Security Agency said one or more exploits were “detected in the wild” and warned that attacks could be exploited to “take control of an affected system.” The Mozilla advisory credited researchers at China-based Qihoo 360 with reporting the flaw.

No other details about the attacks were immediately available. Neither Mozilla nor Qihoo 360 responded immediately to emails asking for more information.

[…]

Original article here