We recently released a new Firefox update. Mozilla has released the new version of Firefox 72.0.1, and at the time of writing the changelog.
The new release may come as a surprise to many, as the previous version of Firefox 72.0 was released just a few days ago. Firefox ESR, Extended Release Support specifically aimed at organizations and users who need stability without much change, is also updated to Firefox ESR 68.4.1.
While it is not uncommon for Mozilla to release small updates between large versions of Firefox, it is rare for an update to be released just days after its release.
Firefox 72.0.1 fixes a security vulnerability in the currently browsing web browser according to Mozilla.
The release note lists the security patch as the only change to the new version of Firefox.
Mozilla Security Advisories hub as you can see in the image above lists only one vulnerability that appears to have been updated in Firefox 72.0.1. Vulnerability has been described as critical, which is used to identify vulnerabilities with great impact.
The description says:
CVE-2019-17026: IonMonkey type confusion with StoreElementHole and FallibleStoreElement
Incorrect information in the IonMonkey JIT compiler for configuring table elements could lead to type confusion. We know that there are already targeted attacks abusing this flaw.
The vulnerability was reported by Qihoo 360 ATA, and is said to affect the browser's Just in Time Compiler. Since the vulnerability is already being exploited on the internet, Mozilla had to react quickly with the release of a patch.
So the new versions of Firefox, Firefox 72.0.1 and Firefox ESR 68.4.1 are already available. Firefox users can download the latest version from the Mozilla Web site or use the built-in update feature to update their browser.
Firefox 72.0.1 download before official release