Firefox: Mozilla Patches Critical Flaws that let Attackers Execute Malicious Code (ZD Net)


Mozilla has released Firefox 46 and patched several memory bugs that could let an attacker take control of a system.

The new version of Firefox includes fixes for 10 security issues in earlier releases, including one issue stemming from several memory-safety bugs in the browser engine.

“Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code,” Mozilla notes in the advisory.

The update also resolves four high-impact issues in Firefox, including a difficult but not impossible to exploit vulnerability discovered by CESG, the information security arm of UK spy agency, GCHQ.