Skip to main content

The U.S. government says you need to update Firefox right now

If you use the Mozilla Firefox web browser, the government recommends that you update the browser because of a zero-day vulnerability that could enable hackers to take control of your computer. 

The United States Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) is encouraging those with the Firefox browser to update to versions 72.0.1 and ESR 68.4.1.

Recommended Videos

“Mozilla has released security updates to address a vulnerability in Firefox and Firefox ESR. An attacker could exploit this vulnerability to take control of an affected system. This vulnerability was detected in exploits in the wild,” CISA’s statement published on Wednesday reads. 

Mozilla is aware of the vulnerability and issued a fix for it in the latest update version on Wednesday, January 8. The zero-day vulnerability (CVE-2019-17026) was labeled by the company as “critical” and could have allowed potential hackers an open door to access people’s browsers and computers. The company said that hackers actively engaging in “targeted attacks” against the exploit, meaning you could be at serious risk if you don’t update your browser as soon as possible. 

Mozilla said that Chinese cybersecurity firm Qihoo 360 found and reported the vulnerability to the company.

According to Forbes, a zero-day vulnerability means “a security vulnerability that is not known to the product vendor or security researchers but, crucially, is known to threat actors who can then exploit it.”

How to update Firefox

Updating your Firefox browser to protect you from this vulnerability is simple: 

  1. Go to your browser’s menu bar and click About Firefox.
  2. A new window will open and will begin to check for any updates, downloading them automatically.
  3. Once the download is complete, be sure to click Restart to update Firefox to make sure you are using the latest version (72.0.1). 

Despite this vulnerability, Firefox is a close runner-up to Google Chrome for Digital Trends’ pick for the best web browser. Firefox is more privacy-centric than Chrome and is comparably fast. 

Firefox has made recent updates in the last month that include better privacy protections with anti-tracker support, improved password syncing across devices, and integrated breach alerts.

In November, Firefox also made an update in Firefox 70 that allows you to hide notification permission pop-ups that can get annoying. 

Digital Trends reached out to Mozilla to find out more about the vulnerability, and what could have caused it. We will update this story once we hear back. 

Allison Matyus
Former Digital Trends Contributor
Allison Matyus is a general news reporter at Digital Trends. She covers any and all tech news, including issues around social…
Google just gave vision to AI, but it’s still not available for everyone
Gemini Live App on the Galaxy S25 Ultra broadcast to a TV showing the Gemini app with the camera feature open

Google has just officially announced the roll out of a powerful Gemini AI feature that means the intelligence can now see.

This started in March as Google began to show off Gemini Live, but it's now become more widely available.

Read more
This modular Pebble and Apple Watch underdog just smashed funding goals
UNA Watch

Both the Pebble Watch and Apple Watch are due some fierce competition as a new modular brand, UNA, is gaining some serous backing and excitement.

The UNA Watch is the creation of a Scottish company that wants to give everyone modular control of smartwatch upgrades and repairs.

Read more
Tesla, Warner Bros. dodge some claims in ‘Blade Runner 2049’ lawsuit, copyright battle continues
Tesla Cybercab at night

Tesla and Warner Bros. scored a partial legal victory as a federal judge dismissed several claims in a lawsuit filed by Alcon Entertainment, a production company behind the 2017 sci-fi movie Blade Runner 2049, Reuters reports.
The lawsuit accused the two companies of using imagery from the film to promote Tesla’s autonomous Cybercab vehicle at an event hosted by Tesla CEO Elon Musk at Warner Bros. Discovery (WBD) Studios in Hollywood in October of last year.
U.S. District Judge George Wu indicated he was inclined to dismiss Alcon’s allegations that Tesla and Warner Bros. violated trademark law, according to Reuters. Specifically, the judge said Musk only referenced the original Blade Runner movie at the event, and noted that Tesla and Alcon are not competitors.
"Tesla and Musk are looking to sell cars," Reuters quoted Wu as saying. "Plaintiff is plainly not in that line of business."
Wu also dismissed most of Alcon's claims against Warner Bros., the distributor of the Blade Runner franchise.
However, the judge allowed Alcon to continue its copyright infringement claims against Tesla for its alleged use of AI-generated images mimicking scenes from Blade Runner 2049 without permission.
Alcan says that just hours before the Cybercab event, it had turned down a request from Tesla and WBD to use “an icononic still image” from the movie.
In the lawsuit, Alcon explained its decision by saying that “any prudent brand considering any Tesla partnership has to take Musk’s massively amplified, highly politicized, capricious and arbitrary behavior, which sometimes veers into hate speech, into account.”
Alcon further said it did not want Blade Runner 2049 “to be affiliated with Musk, Tesla, or any Musk company, for all of these reasons.”
But according to Alcon, Tesla went ahead with feeding images from Blade Runner 2049 into an AI image generator to yield a still image that appeared on screen for 10 seconds during the Cybercab event. With the image featured in the background, Musk directly referenced Blade Runner.
Alcon also said that Musk’s reference to Blade Runner 2049 was not a coincidence as the movie features a “strikingly designed, artificially intelligent, fully autonomous car.”

Read more