[ad_1]
Mozilla has fixed two critical vulnerabilities in the latest patch, and Windows, Linux, and Android users should make sure to update their browser right now. The two vulnerabilities are referred to as CVE-2022-26485 and CVE-2022-26486. Although the company hasn’t disclosed how exactly these bugs were being exploited, it’s likely that attackers used the flaw in the browser to install malicious software or direct users to pre-programmed web pages without their consent. From that point on, hackers were likely able to gain further access to the user’s device.
Both the flaws are of the use-after-free type, but the first flaw is found in XSLT parameter processing. If an XSLT parameter is removed mid-processing data, this could have opened the door to exploits. The second bug is found in the WebGPU IPC framework. Mozilla has received reports of both of these bugs being abused, and as they both grant unwanted access to your device, it’s best to act fast.
Original Source by [author_name]
Related
[ad_2]
Source link