Firefox zero-days discovered

Mozilla patches browser.

Firefox users should install an immediate patch, after with two critical bugs discovered that are reportedly being exploited by attackers.

The first is due to a use-after-free memory corruption issue in the Extensible Stylesheets Language Transformations (XSLT) feature, in which removing a parameter during processing could trigger an exploitable bug.

A second memory corruption bug in the WebGPU graphics acceleration feature could also trigger a use-after-free condition, and be used to escape the sandbox system protection feature in Firefox.

Mozilla has issued updated versions of Firefox, including 97.0.2, ESR 91.6.1, Android 97.3
and its privacy-oriented Focus 97.3 web browser, that handles the vulnerabilities.

In both cases, the bugs were reported to Mozilla by researchers from China-based 360 ATA.

Mozilla did not disclose further details on the reported attacks.

AI and ML use cases drive change in technology roles in WA: M&T Resources

Vocus receives government nod for TPG Telecom deal

Huawei's AI lab denies that one of its Pangu models copied Alibaba's Qwen

nib develops Cortex-powered AI to streamline data migration

NSW gov employers 'should not' use AI for hiring decisions

Firefox zero-days discovered

Mozilla patches browser.

Partner Content

Sponsored Whitepapers

Events

Most Read Articles

Qantas facing 'significant' data theft after cyber attack

Home Affairs officer accessed data on "friends and associates"

International Criminal Court hit by cyber attack

SA Power Networks tackles IAM, cloud security under five-year strategy

Most popular tech stories

Woolworths Group consolidates 30,000 marketing assets into Adobe platform

Optus' first AI chief Samantha Lawson exits

El Jannah backs Salesforce martech stack to support store expansion

NSW gov employers 'should not' use AI for hiring decisions

NAB brings Pete Steel into new digital, data and AI exec role

PHOTOS: The M&A Session - Sydney

Ingram Micro hit by ransomware

Dell’s new platform wants to end HCI vendor lock-in

Announcing the 2025 Impact Awards Partner Leadership finalists

Macquarie Cloud Services to move CareSuper from VMware on AWS to Azure

Blackberry celebrates "giant step forward"

NSW Government building business case for state-wide digital twin

365mesh launches updated Aussie-made vibration sensor

Telstra to host IoT State of the Nation event on November 14

Photos: The 2024 IoT Awards winners

AI and ML use cases drive change in technology roles in WA: M&T Resources

Vocus receives government nod for TPG Telecom deal

Huawei's AI lab denies that one of its Pangu models copied Alibaba's Qwen

nib develops Cortex-powered AI to streamline data migration

NSW gov employers 'should not' use AI for hiring decisions

Firefox zero-days discovered

Mozilla patches browser.

Partner Content

Sponsored Whitepapers

Events

Most Read Articles

Qantas facing 'significant' data theft after cyber attack

Home Affairs officer accessed data on "friends and associates"

International Criminal Court hit by cyber attack

SA Power Networks tackles IAM, cloud security under five-year strategy

Most popular tech stories

Woolworths Group consolidates 30,000 marketing assets into Adobe platform

Optus' first AI chief Samantha Lawson exits

El Jannah backs Salesforce martech stack to support store expansion

NSW gov employers 'should not' use AI for hiring decisions

NAB brings Pete Steel into new digital, data and AI exec role

PHOTOS: The M&A Session - Sydney

Ingram Micro hit by ransomware

Dell’s new platform wants to end HCI vendor lock-in

Announcing the 2025 Impact Awards Partner Leadership finalists

Macquarie Cloud Services to move CareSuper from VMware on AWS to Azure

Blackberry celebrates "giant step forward"

NSW Government building business case for state-wide digital twin

365mesh launches updated Aussie-made vibration sensor

Telstra to host IoT State of the Nation event on November 14

Photos: The 2024 IoT Awards winners

Log In