CISA Urges Organizations to Patch Recent Firefox Zero-Days

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday announced the inclusion of 11 security holes in its Known Exploited Vulnerabilities Catalog.

CISA created the list – which now contains roughly 500 flaws – to help federal agencies prioritize patching within their environments. CISA told SecurityWeek it has evidence of in-the-wild exploitation for all of the security issues on the list.

The most recent of the newly added bugs are two zero-day vulnerabilities in Firefox, for which Mozilla issued an emergency update over the weekend.

Tracked as CVE-2022-26485 and CVE-2022-26486 and rated “critical severity,” the security holes are described as use-after-free issues. This type of flaw usually leads to arbitrary code execution.

Firefox 97.0.2, Firefox ESR…


Source link

About coldfusion

Check Also

One Major Series Finale Complaint

Bob Odenkirk thought a whole lot about a certain Nic Cage movie while filming the …

Leave a Reply

Your email address will not be published.