The latest update to Firefox comes with a patch to a critical vulnerability that's being abused by hackers, says Mozilla, the browser's maker. The flaw could let attackers take over your system, according to the US Cybersecurity and Infrastructure Security Agency.
That's about as serious as a vulnerability can get. The good news is that Mozilla, which prides itself on protecting user privacy, released the patch Wednesday. Even better: The company has automatic updates on by default.
Speedy updates are essential to stopping flaws from causing widespread damage, and cybersecurity experts say keeping software up to date is one of the most important things people can do to protect themselves from hackers.
"On Tuesday, January 7, 2020, Chinese security firm Qihoo 360 reported a vulnerability that was used as part of targeted attacks on a local network," a Mozilla spokesperson said in a statement. "We started shipping Firefox updates to address this security vulnerability the next morning." Qihoo 360 couldn't immediately be reached for comment.
According to ZDNet, the flaw is a type of memory bug that can let attackers execute code on a hacked system. Mozilla hasn't indicated whether there's more information on who was using the vulnerability, or who hackers were targeting.
To make sure you've got the latest version of Firefox, open your browser, click on "Firefox" in the top menu, and then select "About Firefox." A popup window will open and assess which version of the browser you're running. If you have an older version of the browser, it'll automatically update and then ask you to restart your browser. All your open windows will be restored.
CNET tested this feature and found the restart process took less than 5 seconds, and successfully reopened 13 tabs.