Mozilla Releases Firefox 66.0.1 to Patch Two Critical Security Vulnerabilities


The AchieVer

Mozilla released the first point release to its latest Firefox 66 web browser to address two critical security vulnerabilities exposed during the Pwn2Own hacking contest event.

Firefox 66.0.1 is now available, just a few days after the release of Firefox 66.0 earlier this week, to patch CVE-2019-9810 and CVE-2019-9813, two security vulnerabilities reported by Richard Zhu, Amat Cama, and Niklas Baumstark via Trend Micro's Zero Day Initiative.

According to the security advisory published by Mozilla on March 22nd, CVE-2019-9810 describes a buffer overflow issue and missing bounds check flaw in the Firefox 66.0 release due to incorrect alias information in the IonMonkey JIT compiler for the Array.prototype.slice method.

On the other hand, CVE-2019-9813 describes a "type confusion" issue in the IonMonkey JIT code affecting the Firefox 66.0 release that may let attackers read and write arbitrary memory, which was possible due to incorrect handling of __proto__ mutations.

Users are urged to update to Firefox 66.0.1

Mozilla marked both issues as critical and recommended all Firefox users to update to the Firefox 66.0.1 point release as soon as possible. Firefox 66.0.1 is already rolling out to Windows and macOS platforms via OTA (Over-the-Air) updates.

GNU/Linux users will have to install Firefox 66.0.1 from the stable software repositories of their favorite distributions or download the binary packages from our free software portal. Arch Linux and other rolling OSes already pushed Firefox 66.0.1 to their repositories.

Mozilla is currently working on the Firefox 67.0 series, due for release in mid-May 2019, but it will release new maintenance updates to Firefox 66 if other security vulnerabilities are discovered or other bugs need to be fixed. Meanwhile, make sure you update to Firefox 66.0.1.

Mozilla also released Firefox 60.6.1 ESR...

Mozilla releases security updates Firefox 66.0.1 and 60.6.1 ESR

Mozilla has just released Firefox 66.0.1 and Firefox 60.6.1 ESR to the public. The two new versions of Firefox patch critical security vulnerabilities in the web browser.

Firefox users should receive the updates automatically if automatic updates are turned on in the browser (which they are by default). The new versions are also available as standalone downloads from Mozilla's official website.

Firefox users may select Menu > Help > About Firefox to run a manual check for updates to download the new version immediately. It takes a while as Firefox does not run real-time update checks.

Firefox 66.0.1 and Firefox 60.6.1 ESR

Mozilla patched two critical security vulnerabilities in Firefox 66.0.1 and Firefox 60.6.1 ESR (Extended Support Release).

The vulnerabilities are listed on the official Firefox Security Advisories website:

CVE-2019-9810: IonMonkey MArraySlice has incorrect alias information

Incorrect alias information in IonMonkey JIT compiler for Array.prototype.slice method may lead to missing bounds check and a buffer overflow.

CVE-2019-9813: Ionmonkey type confusion with __proto__ mutations

Incorrect handling of __proto__ mutations may lead to type confusion in IonMonkey JIT code and can be leveraged for arbitrary memory read and write.

Additional information is not provided at this time; the linked bug listings are blocked from the public.

The two researchers who discovered the vulnerabilities are Richard Zhu and Amat Cama, and it is probably no coincidence that the researchers attacked Firefox successfully in this year's Pwn2Own competition.

The security researchers managed to use an exploit in Firefox to execute code at the system level if a user visited a specifically prepared website.

They leveraged a JIT bug in the browser, then used an out-of-bounds write in the Windows kernel to effectively take over the system. They were able to execute code at SYSTEM level just by using Firefox to visit their specially crafted website.

The competition saw another successful attack targeting Firefox. Niklas Baumstark exploited a JIT bug in Firefox to escape the sandbox, which would allow an attacker to run code on the device with the same permissions as the signed-in user.

He used a JIT bug in the browser followed by a logic bug to escape the sandbox. In a real-world scenario, an attacker could use this to run their code on a target system at the level of the logged-on user.

It is recommended to update to the new patched versions of Firefox to protect the browser and underlying system from attacks targeting these vulnerabilities.

Source: Mozilla releases security updates Firefox 66.0.1 and 60.6.1 ESR (gHacks - Martin Brinkmann)
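An added example, not part of either post and not code from Softpedia, gHacks or Mozilla: a small POSIX shell check that takes a Firefox version string and reports whether it is already at or above the fixed versions named above (66.0.1 on the release channel, 60.6.1 on the ESR channel). It assumes that `firefox --version` prints a line of the form `Mozilla Firefox 66.0.1`, with an `esr` suffix on extended-support builds; the function names and the sample version strings in the demo are this example's own constructions, not real inventory data.

```shell
#!/bin/sh
# Added example (not from the article, gHacks or Mozilla): decide whether a
# Firefox version string already carries the fixes for CVE-2019-9810 and
# CVE-2019-9813, i.e. is >= 66.0.1 (release) or >= 60.6.1 (ESR).
# Assumption: `firefox --version` prints "Mozilla Firefox X.Y.Z", and ESR
# builds append "esr" to the version (e.g. "Mozilla Firefox 60.6.1esr").

# ver_ge MAJOR MINOR PATCH TMAJOR TMINOR TPATCH
# Returns 0 when MAJOR.MINOR.PATCH >= TMAJOR.TMINOR.TPATCH, else 1.
ver_ge() {
    [ "$1" -gt "$4" ] && return 0
    [ "$1" -lt "$4" ] && return 1
    [ "$2" -gt "$5" ] && return 0
    [ "$2" -lt "$5" ] && return 1
    [ "$3" -ge "$6" ]
}

# firefox_is_patched "Mozilla Firefox 66.0.1"
# Accepts the output of `firefox --version` or a bare version such as 60.6.1esr.
# Exit status: 0 = patched, 1 = needs the update, 2 = version not recognised.
firefox_is_patched() {
    tok=${1##* }                 # last whitespace-separated word, e.g. 60.6.1esr
    chan=release
    case "$tok" in
        *esr) chan=esr; tok=${tok%esr} ;;
    esac
    # Only digits and dots are accepted, with no leading or trailing dot;
    # anything else (e.g. a Nightly "67.0a1") is reported as unrecognised.
    case "$tok" in
        ''|*[!0-9.]*|.*|*.) return 2 ;;
    esac
    oldifs=$IFS
    IFS=.
    set -- $tok                  # split into major, minor, patch
    IFS=$oldifs
    major=$1; minor=${2:-0}; patch=${3:-0}
    if [ "$chan" = esr ]; then
        ver_ge "$major" "$minor" "$patch" 60 6 1
    else
        ver_ge "$major" "$minor" "$patch" 66 0 1
    fi
}

# Demo over constructed sample strings (not real inventory data).
for v in "Mozilla Firefox 66.0.1" "Mozilla Firefox 66.0" \
         "Mozilla Firefox 60.6.1esr" "Mozilla Firefox 60.5.1esr" \
         "Firefox 67.0a1"; do
    rc=0
    firefox_is_patched "$v" || rc=$?
    case $rc in
        0) echo "patched:        $v" ;;
        2) echo "not recognised: $v" ;;
        *) echo "needs update:   $v" ;;
    esac
done
```

On a machine with Firefox on the PATH the check is `firefox_is_patched "$(firefox --version)"`; a non-zero status means the browser has not yet picked up the fix (or, for status 2, that the version string is a pre-release build the function deliberately does not classify). The two channels are compared against different floors because a 60.x ESR build is fully patched at 60.6.1 even though it is far below 66.0.1.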
