Mozilla closes critical Pwn2Own vulnerability in Firefox

Mozilla version 52.0.1 has updated its Firefox browser on the . The update resolves a security classified as critical, 2017 had discovered employees by Chaitin security last week on the second day of Pwn2Own hacker competition . An attacker can inject malicious code may and run within the sandbox of the browser.

a Security Advisory according to the function “createImageBitmap()” may be an integer overflow throws. Because the function will run in the sandbox, a second vulnerability was necessary to compromise a user’s computer. “

 Chaitlin security cracked the Mozilla browser Firefox during the Pwn2Own hacker contest (picture: trend micro). Chaitlin security cracked the Mozilla browser Firefox during the Pwn2Own hacker contest (picture: trend micro). Exactly succeeded however in Chaitlin security researchers during the competition. Combined the Firefox bug, with a previously unknown vulnerability in the Windows kernel to on a fully patched notebook with Windows 10 the editor with the news produced by them “No. pwn no fun” to start. For the Organizer, the trend micro daughter paid them zero day initiative, offered a reward of $30,000.

not the actual vulnerability in his browser has eliminated however

Mozilla. The fix is that the experimental extensions of the “createImageBitmap” API is disabled.

Firefox 52.0.1 for Windows, Mac OS X, and Linux can be downloaded immediately from the Mozilla Web sites. Users who have already installed the browser will receive the update automatically.

another attack on the Mozilla browser had failed in the past week during Pwn2Own 2017. Frost security was not succeeded the German security researcher Moritz Jodeit of blue, to end his attack in the prescribed time. After Mozilla must now still Microsoft and Apple Safari holes in their browsers and edge stuff.


open Telecom cloud: resources on demand

from Capex to Opex: turn companies just reinforced rigid investment costs in dynamic editions, which adapt to the business – IT capacity from the cloud, rather than from their own servers and be so flexible. Popularity: Infrastructure-as-a-service (IaaS) from the open Telecom cloud.

: how well you familiar with browsers? Test your knowledge – with 15 questions on .

Be the first to comment

Leave a Reply