Firefox browser has released an urgent update to release 58, where there are many loopholes, even if you use the latest version.

Firefox version 58 includes patching 3 critical loopholes, 13 high, 13 medium and 3 low vulnerability vulnerabilities that can allow hackers to remotely control your computer.

Updating Firefox may speak automatically when you start to open the Firefox browser from the help menu.

Make sure the version will notice the update automatically as in the picture.

Be sure that if you use the browser you are using version 58 or later if other updates are downloaded and your version should not be less than 58

Make sure as the picture will show you the version after the update.


Gaps that were patched in Release 58

Announcement: January 23, 2018

Effect: Dangerous

Product: Firefox

CVE-2018-5091: Use-after-free with DTMF timers
Finder: Looben Yang

Impact: Critical

Description: The loophole can occur after use free of charge during Wi-Fi connections when interacting with DTMF timing. This leads to the exploitation of caterpillars.

CVE-2018-5092: Use-after-free in Web Workers
Finder: Looben Yang

Effect: High gravity

Description: Weakness can occur after free use when you release the Web worker thread from memory prematurely instead of memory in the main thread while canceling fetch operations.

Reference bug


CVE-2018-5093: Buffer overflow in WebAssembly during Memory / Table resizing
Finder: OSS-Fuzz

Effect: High gravity

Description: The heap buffer overflow vulnerability occurs in the wimbsample while changing the memory size resulting in the exploitation of the caterpillars.

Reference of the bug

CVE-2018-5094: Buffer overflow in WebAssembly with garbage collection on uninitialized memory
Finder: OSS-Fuzz

Effect: High gravity

Description: Heap wafer overflow vulnerability occurs in wimbsample when shrinklements are named followed by garbage collection on memory that is now uninitialized. This leads to the exploitation of the caterpillars ..

CVE-2018-5095: Integer overflow in Skia library during edge build allocation
Finder: Unknown

Effect: High gravity

Description: Integer overflow vulnerability overrides the vulnerability in the Sakia library when allocating memory to edge builders on some systems with at least 8 GB of RAM. This leads to unused memory usage, leading to the exploitation of the caterpillars.

The many gaps we mentioned the more serious we will touch on articles for more technical details later while available.

Remember that you need to update your browser.




Leave A Reply