Skip to main content
  1. Home
  2. News

The U.S. government says you need to update Firefox right now

By

If you use the Mozilla Firefox web browser, the government recommends that you update the browser because of a zero-day vulnerability that could enable hackers to take control of your computer. 

The United States Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) is encouraging those with the Firefox browser to update to versions 72.0.1 and ESR 68.4.1.

Recommended Videos

“Mozilla has released security updates to address a vulnerability in Firefox and Firefox ESR. An attacker could exploit this vulnerability to take control of an affected system. This vulnerability was detected in exploits in the wild,” CISA’s statement published on Wednesday reads. 

Please enable Javascript to view this content

Mozilla is aware of the vulnerability and issued a fix for it in the latest update version on Wednesday, January 8. The zero-day vulnerability (CVE-2019-17026) was labeled by the company as “critical” and could have allowed potential hackers an open door to access people’s browsers and computers. The company said that hackers actively engaging in “targeted attacks” against the exploit, meaning you could be at serious risk if you don’t update your browser as soon as possible. 

Related

Mozilla said that Chinese cybersecurity firm Qihoo 360 found and reported the vulnerability to the company.

According to Forbes, a zero-day vulnerability means “a security vulnerability that is not known to the product vendor or security researchers but, crucially, is known to threat actors who can then exploit it.”

How to update Firefox

Updating your Firefox browser to protect you from this vulnerability is simple: 

  1. Go to your browser’s menu bar and click About Firefox.
  2. A new window will open and will begin to check for any updates, downloading them automatically.
  3. Once the download is complete, be sure to click Restart to update Firefox to make sure you are using the latest version (72.0.1). 

Despite this vulnerability, Firefox is a close runner-up to Google Chrome for Digital Trends’ pick for the best web browser. Firefox is more privacy-centric than Chrome and is comparably fast. 

Firefox has made recent updates in the last month that include better privacy protections with anti-tracker support, improved password syncing across devices, and integrated breach alerts.

In November, Firefox also made an update in Firefox 70 that allows you to hide notification permission pop-ups that can get annoying. 

Digital Trends reached out to Mozilla to find out more about the vulnerability, and what could have caused it. We will update this story once we hear back. 

Editors’ Recommendations

Topics
Allison Matyus
Allison Matyus
Former Digital Trends Contributor
Allison Matyus is a general news reporter at Digital Trends. She covers any and all tech news, including issues around social…
Nvidia’s RTX 5080 may be better than the RTX 5090 in one small way
The PNY RTX 4080 XLR8 installed in a PC.

The launch of Nvidia's next-gen best graphics cards is right around the corner, and we're getting new leaks about the specs almost every day. Today, Benchlife reveals that the RTX 5080 may be the only RTX 50-series GPU to receive 30Gbps memory modules from the get-go. This would give the RTX 5080 a slight advantage, but there's also some conflicting information about the memory configuration for this GPU.

All of Nvidia's next-gen graphics cards are said to use new GDDR7 memory, and yesterday's Zotac leak confirmed that the RTX 5090 will sport 32GB of GDDR7 VRAM. That's a massive upgrade over the previous generation, but the RTX 5080 won't enjoy the same improvements -- the GPU is said to retain both the 16GB memory and the 256-bit bus we've already seen in the RTX 4080 (and its Super version).

Read more
The massive LastPass hack from 2022 is still haunting us
LastPass website on a laptop.

Just when you thought the LastPass breach of 2022 was over, we're still learning just how detrimental the hack was. According to blockchain expert ZachXBT and spotted by The Block, $5.36 million was stolen from 40 users in a string of attacks. This is on top of the $4.4 million stolen in October 2023 and $6.2 million earlier this year in February 2024.

The original hack goes back to 2022 when hackers claimed to have accessed LastPass' data, which contained API tokens, customer keys, multifactor authentication seeds (MFA), and encrypted password vaults. Although no official information explains how the breach happened, it's possible that the hacker responsible gained access to information that aided the breach. Hackers forced their way in despite the password vaults being encrypted because users reused weak or previously leaked combinations. This access, combined with the users' weak or reused passwords, led to the various accounts being compromised.

Read more
AMD’s most popular CPU is right around the corner
The AMD Ryzen 5 9600X between two finger tips.

AMD may soon expand its Zen 5 processor range with the Ryzen 5 9600. Typically, these budget-oriented CPUs find their homes in many PCs, gaming and otherwise, so this could be an interesting offering. How will it rank among some of the best processors? Here's what we know so far.

The information comes from X (Twitter) leaker Hoang Anh Phu, who sent out a message indicating that the AMD Ryzen 5 9600 will be available in late January. This tracks, because AMD is set to host a keynote during CES 2025 in early January, so a release date later that same month makes sense.

Read more