Mozilla Firefox Zero-Day Exploit Response

Mozilla, the makers of the Firefox browser, announced a zero-day exploit this week in Firefox 67.0.3 and Firefox ESR 60.7.1. A security vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop which can allow for an exploitable crash. However, Mozilla is aware of targeted attacks in the wild abusing this flaw, making immediate remediation necessary.

Therefore, clients that subscribe to our ManageSuite Advanced Update Management will be receiving emergency patches throughout the day. Our first sweep will be passive, however given that there are known exploits leveraging this vulnerability, we’ll evaluate online systems that still need an upgrade and may make deliveries more urgent by force-closing any active browser sessions to apply the updates required.

Keep Calm – Compute On!