Mozilla released Firefox 74.0.1 and Firefox ESR 68.6.1 to fix two critical vulnerabilities. The flaws could allow attackers to execute arbitrary code or trigger crashes on vulnerable Firefox versions. Mozilla is aware of targeted attacks in the wild abusing these two vulnerabilities with a Critical severity rating. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an alert saying that “an attacker could exploit this vulnerability to take control of an affected system
Source: security