Firefox 67.0.3 and 67.0.4

Estimated reading time: 1 minute.

Over the last few days, two new versions of Firefox were released, each addressing a single security vulnerability.

Firefox 67.0.3 fixes a critical flaw in the way Javascript objects are handled that can allow exploitable crashes. Targeted attacks in the wild are actively abusing this flaw.

Firefox 67.0.4‘s fix is for an as yet unexploited flaw that could potentially result in executing arbitrary code on the user’s computer.

Both vulnerabilities were reported to Mozilla by non-Mozilla security researchers.

You can wait for Firefox to update itself, or nudge it along by visiting Help > About Mozilla Firefox in its menu, found by clicking the hamburger button (hamburger) button in the toolbar.

About jrivett

Jeff Rivett has worked with and written about computers since the early 1980s. His first computer was an Apple II+, built by his father and heavily customized. Jeff's writing appeared in Computist Magazine in the 1980s, and he created and sold a game utility (Ultimaker 2, reviewed in the December 1983 Washington Apple Pi Journal) to international markets during the same period. Proceeds from writing, software sales, and contract programming gigs paid his way through university, earning him a Bachelor of Science (Computer Science) degree at UWO. Jeff went on to work as a programmer, sysadmin, and manager in various industries. There's more on the About page, and on the Jeff Rivett Consulting site.

Leave a Reply