The U.S. Government's Department of Homeland Security is advising to update the Mozilla Firefox browser as soon as possible.
A new zero-day exploit has been discovered and is currently being exploited in the field.
The DHS, through its Cybersecurity and Infrastructure Security Agency (CISA) says:
"Mozilla has released security updates to address a vulnerability in Firefox and Firefox ESR. An attacker could exploit this vulnerability to take control of an affected system. This vulnerability was detected in exploits in the wild.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Mozilla Security Advisory for Firefox 72.0.1 and Firefox ESR 68.4.1 and apply the necessary updates."
And from Mozilla: https://www.mozilla.org/en-US/security/advisories/mfsa2020-03/#CVE-2019-17026
How to be sure your Firefox update has processed:
By default, Firefox will update automatically, but you can always do a manual update. Manual updates will still let Firefox download an update, but it won't install it until you restart Firefox. Here's how to set it up:
- On the menu bar click the menu and select .
- The About Firefox window will open. Firefox will begin checking for updates and downloading them automatically.
- When the download is complete, click .
The current version you want to be sure is installed is 72.0.1
