Mozilla is due to fix to correct a security vulnerability considered zero-day, the highest level between the degree of hazard. The flaw affects the component IonMonkey, the JavaScript compiler to Firefox, and, if properly exploited, could allow an attacker to take complete control of the system.

The vulnerability is identified with the acronym CVE-2019-17026, but the more detailed description which refers to the advisory of Mozilla is not available at the moment. The company has in fact blocked the access to the documentation for users who are not authorized, in order to better protect the security of your browsers and prevent the spread of the details of the methodology that allows to exploit the bug.

It is the second time that happens every few months, Mozilla had in fact occurred at the beginning of the summer to two of the flaws are considered critical, reported and resolved in a very short time.

Mozilla has already released the corrective patch – both Firefox 72, both Firefox ESR 68.4 – likely, therefore, that the vulnerability was present in the code for months. The flaw, therefore, closed with the version 72.0.1, that we invite you to download through the automatic download of updates, for all versions of Firefox available.

  • Firefox 72.0.1 – Windows 64-bit
  • Firefox 72.0.1 – macOS
  • Firefox 72.0.1 – Linux 64-bit