Critical Update: Mozilla fills a gap in Firefox and Thunderbird


11. November 2020 – A serious security flaw has been hidden in Firefox, the corporate version Firefox ESR, and the Thunderbird mail client. Mozilla has fixed the bug and a patch is available.

Mozilla fills a security gap in the Firefox browser, the enterprise version Firefox ESR, and the Thunderbird mail client, which has been rated as critical. The vulnerability could be exploited by attackers to smuggle malicious code. However, Mozilla doesn’t leave many leaks on the hole called CVE-2020-26950, which was hidden in the MCallGetProperty function. As “Heise” also writes, Chinese hackers discovered the mistake during the Tianfu Cup 2020 hacker competition.

Mozilla has now closed the gap, new updates in Firefox 82.0.3, Firefox ESR 78.4.1 and Thunderbird 78.4.2 versions are available for download.

The Firefox browser can also be downloaded from the freeware library from “Swiss IT Media”. (to win)


Source link