Saturday, June 22, 2024
HomeCyber CrimeFirefox 102 Patches 19 Vulnerabilities, Improves Privacy

Firefox 102 Patches 19 Vulnerabilities, Improves Privacy

This week, Mozilla announced the release of Firefox 102 in the stable channel, which includes fixes for 19 vulnerabilities, including four critical flaws.

 

The most recent release from Mozilla fixes CVE-2022-34470, a high-severity use-after-free flaw in nsSHistory that was brought on while switching between XML documents and might result in a crash that could be exploited.

When coupled with additional weaknesses, use-after-free vulnerabilities have the potential to compromise the entire system by allowing arbitrary code execution, data corruption, or denial of service. These flaws can be used by malicious websites to get beyond the sandbox of a browser.

 

A CSP sandbox header lacking “allow-scripts” might be bypassed via a retargeted javascript: URI, according to CVE-2022-34468, another high-severity bug fixed in Firefox 102. This problem makes it possible for an iframe to execute scripts without permission whenever a user hits a javascript: link.

The most recent version of Firefox also fixes Linux-specific bug CVE-2022-34479, which allowed malicious websites to produce popup windows that could be enlarged in a way that covered the address bar with online content, perhaps opening the door for spoofing attacks.

 

A number of memory safety flaws, including several that “showed signs of JavaScript prototype or memory corruption and we assume that with enough effort any of them may have been exploited to run arbitrary code,” have been given the CVE-2022-34484 designation.

By reducing query parameter monitoring when using the internet in Enhanced Tracking Protection (ETP) stringent mode, Firefox 102 further enhances user privacy.

 

Firefox avoids cross-site tracking by restricting cookies to the websites that created them thanks to ETP. With the help of the new feature, Firefox can now prevent particular tracking elements from being used by websites to go beyond the privacy safeguards set up by browsers.

 

In order to improve process isolation, Firefox 102 also performs audio decoding in a separate process with stronger sandboxing.

 

IEMA IEMLabs
IEMA IEMLabshttps://iemlabs.com
IEMLabs is an ISO 27001:2013 and ISO 9001:2015 certified company, we are also a proud member of EC Council, NASSCOM, Data Security Council of India (DSCI), Indian Chamber of Commerce (ICC), U.S. Chamber of Commerce, and Confederation of Indian Industry (CII). The company was established in 2016 with a vision in mind to provide Cyber Security to the digital world and make them Hack Proof. The question is why are we suddenly talking about Cyber Security and all this stuff? With the development of technology, more and more companies are shifting their business to Digital World which is resulting in the increase in Cyber Crimes.
RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Most Popular

Recent Comments

Izzi Казино онлайн казино казино x мобильді нұсқасы on Instagram and Facebook Video Download Made Easy with ssyoutube.com
Temporada 2022-2023 on CamPhish
2017 Grammy Outfits on Meesho Supplier Panel: Register Now!
React JS Training in Bangalore on Best Online Learning Platforms in India
DigiSec Technologies | Digital Marketing agency in Melbourne on Buy your favourite Mobile on EMI
亚洲A∨精品无码一区二区观看 on Restaurant Scheduling 101 For Better Business Performance

Write For Us