Skip to main content

The U.S. government says you need to update Firefox right now

If you use the Mozilla Firefox web browser, the government recommends that you update the browser because of a zero-day vulnerability that could enable hackers to take control of your computer. 

The United States Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) is encouraging those with the Firefox browser to update to versions 72.0.1 and ESR 68.4.1.

“Mozilla has released security updates to address a vulnerability in Firefox and Firefox ESR. An attacker could exploit this vulnerability to take control of an affected system. This vulnerability was detected in exploits in the wild,” CISA’s statement published on Wednesday reads. 

Mozilla is aware of the vulnerability and issued a fix for it in the latest update version on Wednesday, January 8. The zero-day vulnerability (CVE-2019-17026) was labeled by the company as “critical” and could have allowed potential hackers an open door to access people’s browsers and computers. The company said that hackers actively engaging in “targeted attacks” against the exploit, meaning you could be at serious risk if you don’t update your browser as soon as possible. 

Mozilla said that Chinese cybersecurity firm Qihoo 360 found and reported the vulnerability to the company.

According to Forbes, a zero-day vulnerability means “a security vulnerability that is not known to the product vendor or security researchers but, crucially, is known to threat actors who can then exploit it.”

How to update Firefox

Updating your Firefox browser to protect you from this vulnerability is simple: 

  1. Go to your browser’s menu bar and click About Firefox.
  2. A new window will open and will begin to check for any updates, downloading them automatically.
  3. Once the download is complete, be sure to click Restart to update Firefox to make sure you are using the latest version (72.0.1). 

Despite this vulnerability, Firefox is a close runner-up to Google Chrome for Digital Trends’ pick for the best web browser. Firefox is more privacy-centric than Chrome and is comparably fast. 

Firefox has made recent updates in the last month that include better privacy protections with anti-tracker support, improved password syncing across devices, and integrated breach alerts.

In November, Firefox also made an update in Firefox 70 that allows you to hide notification permission pop-ups that can get annoying. 

Digital Trends reached out to Mozilla to find out more about the vulnerability, and what could have caused it. We will update this story once we hear back. 

Editors' Recommendations

Allison Matyus
Former Digital Trends Contributor
Allison Matyus is a general news reporter at Digital Trends. She covers any and all tech news, including issues around social…
SWAT team’s Spot robot shot multiple times during standoff
Spot, a robot dog.

A Boston Dynamics’ Spot robot deployed by the Massachusetts State Police (MSP) was shot during a standoff in Cape Cod, Massachusetts.

It’s believed to be the first time that the robot helper has taken a bullet during active duty, and it highlights how the machine can help keep law enforcement out of harm’s way during challenging situations.

Read more
Microsoft Edge is slowly becoming the go-to browser for PC gamers
microsoft edge chromium to roll out automatically soon chrome

Microsoft Edge is already jam-packed with features that other web browsers don't have, but a new one might well help your PC run faster while gaming. The default Windows web browser now has the option to limit the amount of RAM it uses, helping you prioritize RAM access to other applications or games. The feature is currently being tested in the Canary version of Microsoft Edge and could roll out to everyone if Microsoft deems it useful enough and gets quality feedback.

Spotted by X (formerly Twitter) user Leopeva64, the setting for this new feature is buried in the System and Performance section of the latest Canary version of Microsoft Edge. It is being rolled out gradually, so not everyone has it yet, but it gives two options for controlling your PC resources.

Read more
How Intel and Microsoft are teaming up to take on Apple
An Intel Meteor Lake system-on-a-chip.

It seems like Apple might need to watch out, because Intel and Microsoft are coming for it after the latter two companies reportedly forged a close partnership during the development of Intel Lunar Lake chips. Lunar Lake refers to Intel's upcoming generation of mobile processors that are aimed specifically at the thin and light segment. While the specs are said to be fairly modest, some signs hint that Lunar Lake may have enough of an advantage to pose a threat to some of the best processors.

Today's round of Intel Lunar Lake leaks comes from Igor's Lab. The system-on-a-chip (SoC), pictured above, is Intel's low-power solution made for thin laptops that's said to be coming out later this year. Curiously, the chips weren't manufactured on Intel's own process, but on TSMC's N3B node. This is an interesting development because Intel typically sticks to its own fabs, and it even plans to sell its manufacturing services to rivals like AMD. This time, however, Intel opted for the N3B node for its compute tile.

Read more