Firefox has a severe Remote Code Execution Vulnerability and has been fixed

Firefox has a severe Remote Code Execution Vulnerability and has been fixed

Mozilla released an important update for the Firefox browser and fixed a serious vulnerability that allows remote attackers to execute malicious code on the affected computer.

This update is one week after Mozilla releases the new Firefox Quantum browser (Firefox 58). It has some new features, such as improved graphics engine and performance optimization and patches for over 30 vulnerabilities.

According to Cisco's security recommendations, Firefox 58.0.1 addresses the arbitrary code execution vulnerability caused by insufficient HTML fragments in Chrome (Browser UI.

Hackers can exploit this vulnerability (CVE-2018-5124) to run arbitrary code on the victim's computer, as long as they fool their access link or "open a file and commit malicious input to the affected software ".

This suggestion says: "A successful vulnerability attack allows hackers to execute arbitrary code with the user's permissions. if the user has higher permissions, the attacker can completely damage the system.

Hackers can install programs, create new accounts with full user permissions, and view, change, or delete data.

However, if the application has less permissions, this will have a small impact on the user.

Affected browser versions include Firefox 56 (. 0 ,. 0.1 ,. 0.2), 57 (. 0 ,. 0.1 ,. 0.2 ,. 0.3 ,. 0.4) and 58 (. 0 ). Firefox 58.0.1 has fixed this vulnerability and can be downloaded from Firefox official website.

The vulnerability was discovered by Mozilla developer Johann Hofmann and does not affect Firefox browsers for Android and Firefox 52.

In addition, Firefox also recommends that administrators use low-privilege accounts when browsing the Internet.

Mozilla Firefox 58.0.1 released, corrected the Windows page loading error