Firefox Version 50.0.2 Released to Address Critical Zero-Day Vulnerability

Corrine

Administrator,
Microsoft MVP,
Security Analyst
Staff member
Joined
Feb 22, 2012
Posts
12,394
Location
Upstate, NY
Mozilla sent Firefox Version 50.0.2 to the release channel today to address a critical zero-day vulnerability in the wild. Firefox ESR was updated to version 45.5.1. The update includes only the one critical update, Firefox SVG Animation Remote Code Execution.

Additional information about the vulnerability here: Vulnerability Note VU#791496 - Mozilla Firefox SVG animation nsSMILTimeContainer use-after-free vulnerability.

Note: As explained in the Pale Moon forum announcement, although significantly diverted from Mozilla development, the question arose as to whether Pale Moon is also vulnerable. After evaluation, it was reported that it is extremely unlikely that Pale Moon is vulnerable to this exploit.
 
Note: As explained in the Pale Moon forum announcement, although significantly diverted from Mozilla development, the question arose as to whether Pale Moon is also vulnerable. After evaluation, it was reported that it is extremely unlikely that Pale Moon is vulnerable to this exploit.

Twitter message from PaleMoon:
Despite this, we'll still be releasing a DiD patched update on Dec 2nd that fixes the crash at the root of this.
 

Has Sysnative Forums helped you? Please consider donating to help us support the site!

Back
Top