Its users Firefox they should immediately update their browsers to version 74.0.1 to fix two bugs currently being exploited by hackers.
The update is here, in the announcement of the new Firefox 74.0.1, which was officially released late last night. Its new version Firefox includes updates on vulnerabilities CVE-2020-6819 και CVE-2020-6820,. Both exist in the way that Firefox manages its memory space.
Bugs are so-called user-after-free vulnerabilities, and allow hackers to store code in its memory Firefox and run it in the browser environment. Such errors can be used to execute code on the victim's devices, although the implications and scope of such an exploit usually vary from system to system.
Details of the attacks that took place and exploited these two bugs remain unknown - a common practice between software developers and security researchers, as they focus first on developing patches and then investigating the attacks.
Mozilla credits JMP Security and security researcher Francisco Alonso for discovering the two 0day.
In a tweet he posted today, Alonso said the bugs discovered could affect other browsers, though it is not known if they have been exploited yet.
This update fixes the latter 0day in Firefox this year. It was preceded by another in January, with its release Firefox 72.0.1. The bug was used to attack users in China and Japan as part of a government-sponsored cyber-espionage campaign, according to reports from Qihoo 360 and Japan CERT.