11 votes

Firefox zero-day was used in attack against Coinbase employees, not its users

2 comments

  1. [2]
    Deimos
    Link
    Firefox has now released 67.0.4 and ESR 60.7.2 to fix the second exploit mentioned: https://www.mozilla.org/en-US/security/advisories/mfsa2019-19/ This is after just releasing 67.0.3 and ESR...

    Firefox has now released 67.0.4 and ESR 60.7.2 to fix the second exploit mentioned: https://www.mozilla.org/en-US/security/advisories/mfsa2019-19/

    This is after just releasing 67.0.3 and ESR 60.7.1 two days ago for the first one: https://www.mozilla.org/en-US/security/advisories/mfsa2019-18/

    Be sure to update, these are dangerous vulnerabilities.

    6 votes
    1. dblohm7
      Link Parent
      To help people understand why there were two dot releases in succession: One fix was going to take longer than the other, so we pushed out the one that was ready ASAP via 67.0.3 and then pushed...

      To help people understand why there were two dot releases in succession: One fix was going to take longer than the other, so we pushed out the one that was ready ASAP via 67.0.3 and then pushed out 67.0.4 as soon as the second fix was ready.

      9 votes