Mozilla has fixed a critical flaw i.e. Remote Code Execution that could allow an attacker to execute arbitrary code on any targeted device.
This loophole is due to insufficient sanitization of HTML fragments in chrome-privileged documents through which a remote attacker can easily exploit this vulnerability by passing a user to access a link/file which submits the malicious input to affected software results successfully compromise the system.
Mozilla already confirmed this vulnerability by 29th January 2018 which you can even read through the Mozilla Security Advisory Panel and within the span of just 2 days, they’ve released a new version i.e. Mozilla 58.0.1 where they fixed this arbitrary code execution vulnerability.
Note: This vulnerability did not affect Firefox for Android or Firefox 52 ESR.
Browser selection is probably the single most important thing to protect yourself online. We’ll typically choose a primary browser and have one or two more standing by when a web site only supports one and not another. During selection, remember that the majority of attacks target the largest user base, so it stands to reason that by not using the same software as the majority you stand a better chance of avoiding an infection/attack.
Currently, Firefox seems to be the “safer” browser over the more popular and targeted Internet Explorer. Of course, Mozilla, Netscape, Opera, and Safari make fine choices as well. Some say this is security through obscurity. Regardless, voluntarily placing yourself between the crosshairs is not going to help you stay secure.
No matter what browser you choose, there are numerous programs and tools available to help the browser defend itself. NoScript1 (Firefox), SafeHistory2 (Firefox), SafeCache3 (Firefox), Netcraft Anti-Phishing Toolbar4 (Firefox/Internet Explorer), eBay Toolbar5 (Internet Explorer), and Google Toolbar6 (Firefox/Internet Explorer) are great products that do just that.These add-ons help identify phishing Web sites, disable certain features, protect
passwords from falling into the wrong hands, and various other useful safeguards.
- 30,000 Sites is in RISK, The Plus Addons for Elementor WordPress Plugin Hacked
- Facebook Pay is rolling out in US – 2019 Update
- Top 25 Reddits – SubReddits Communities [Information Security]
- List of 100+ Cyber Security RSS Feeds
- Target’s Twitter Account Compromised – Posted Fake Promoted Ad [Bitcoin Scam]
- Familiar With SQL Injection Vulnerability – Meet Ihsan Sencan
- Microsoft + 33 Other Companies Join hands to fight Cyber Attacks – Cyber Security Tech Accord
- Twitter Compromised ! Change Your Password Right Now – May 2018
- Dangerous Keylogger Found – Infecting over 2000 WordPress sites
- $1.2 Billion Worth of Cryptocurrencies Stolen – 2018 Update