If you browse the internet with Firefox, you should update the Firefox ESR promptly. The developers have closed several security gaps in current versions.
Users should update their browser as soon as possible.The latest update corrects some security gaps that have already been actively exploited. However, a lot of information is currently not available.
Mozilla Has Also Increased The Range Of Functions
If attacks work, attackers could cause the browser to crash or even execute malicious code. By successfully exploiting a security vulnerability in the open source crypto library Network Security Services (NSS), attackers could gain access to private keys. To do this, they would have to evaluate calculation times when generating signatures in the form of a timing attack. Mozilla does not explain what these and other attacks could look like in the warning message. The versions of Firefox are protected. In addition to security, Mozilla has also increased the range of functions in the current versions.
Firefox ESR Based Vulnerabilities
The browser is also affected by the vulnerabilities because it is based on Firefox ESR. With the browser you surf the internet anonymously. For this purpose, the browser routes all data traffic encrypted over the network. The browser also includes functions against tracking. As the blog post from the developers shows, they have not only closed security holes. Admins from websites can now secure their pages even more efficiently using extended authentication options. In addition, there is now a new naming scheme for some websites, so that the URLs are easier to remember.
The vulnerability can be exploited to execute arbitrary code on the affected systems. Successfully exploiting one of the vulnerabilities could allow attackers to compromise vulnerable systems. How likely this scenario is, however it is currently still completely uncertain, as further details on the security vulnerabilities are still missing.
