Mozilla releases update for Firefox 54

Mozilla has released a patch for a most dangerous bug and  total of 32 bugs, in the Firefox 54 browser

The company has published latest security advisory on Tuesday, three of the resolved vulnerability included the critical ones.  The bug now resolved is a use-after-free vulnerability in the Firefox 54 browser.

The vulnerability, CVE-2017-5472, was the most dangerous vulnerability. Security researcher Nils,  within the Firefox frame loader, discovered it during tree reconstruction while regenerating a CSS layout.

Whenever the browser tried to using a node in the tree there is a potentially exploitable crash because the tree no longer exists.

In the latest update, three other dangerous vulnerabilities were also sloved.  "One vulnerability is (CVE-2017-7749)  use-after-free vulnerability when using an incorrect URL during the reloading of a docshell, another use-after-free vulnerability which occurs during video control operations when a < track > element holds a reference to an older window if that window has been replaced in the DOM (CVE-2017-7750), and a third use-after-free vulnerability with content viewer-listeners (CVE-2017-7751)."

All of these vulnerabilities resulted in a  crash which could be exploited easily.

In addition to the critical vulnerabilities, Mozilla has patched six other bugs which had high impact.  A security flaw in WebGl, an escalation bug in the Firefox installer,  out-of-bounds reads, buffer overflow reads and writes, and the use of uninitialized memory in the Graphite 2 library.

Another bug, CVE-2017-7759, affected users of  Firefox operating system on the Android mobile.

"Android intent URLs given to Firefox for Android can be used to navigate from HTTP or HTTPS URLs to local file: URLs, allowing for the reading of local data through a violation of same-origin policy," Mozilla says.

 Mozilla teams hope to lure users with the latest update which will reduce memory demands, increase performance and speed things up when surfing the Internet.
Category:

Share this with Your friends: