Softpedia News / Security
Mozilla has just released a new Firefox version, and this time, the minor revision is actually pretty big news in terms of security.
This is because the new update, which brings the browser to version 100.0.2, includes two critical security fixes, so obviously, everybody is recommended to install it as soon as possible.
Mozilla has flagged both security fixes with a critical severity rating, revealing they were reported by researcher Manfred Paul of Trend Micro’s Zero Day initiative.
The first bug is a prototype pollution in Top-Level Audit implementation.
“If an attacker was able to corrupt the methods of an Array object in JavaScript via prototype pollution, they could have achieved execution of attacker-controlled JavaScript code in a privileged context,” Mozilla says.
The second vulnerability, which is documented in CVE-2022-1529, is an untrusted input used in Javascript object inde…
Read the original article: