‘Firefox’ Patches Exploited ‘Zero-Day Vulnerability’ And Launched ‘Enhanced Tracking Protection’ Feature

The Firefox browser has been updated to patch a zero-day that has been exploited in the wild, and it has launched the Enhanced Tracking Protection feature so sites won't track users.

Firefox has finally patched up a zero day that has been exploited by hackers. Photo: Z Jason | Flickr | CC BY-SA 2.0

Mozilla has finally patched a zero-day vulnerability that, when abused, can allow for an “exploitable crash” and other attacks by hackers. The Mozilla team released version 67.0.3 of the Firefox browser earlier today to address the critical vulnerability.

“A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop,” Mozilla engineers wrote in a security advisory posted yesterday.

“This can allow for an exploitable crash,” they added. “We are aware of targeted attacks in the wild abusing this flaw.”

Samuel Groß, a security researcher with the Google Project Zero security team, and the Coinbase Security team were credited with discovering the Firefox zero-day — tracked as CVE-2019-11707.

“tl;dr an integer overflow in the code responsible for loading script tags leads to an out-of-bounds write past the end of a mmap chunk. One way to exploit this includes placing a JavaScript heap behind the buffer and subsequently overflowing into its metadata to create a fake free cell. It is then possible to place an ArrayBuffer instance inside another ArrayBuffer’s inline data. The inner ArrayBuffer can then be arbitrarily modified, yielding an arbitrary read/write primitive. From there, it is quite easy to achieve code execution,” wrote the researcher about the zero-day he discovered.

Nonetheless, aside from the terse announcement, Mozilla has offered no other information about the vulnerability or the ongoing attacks in the wild.

In a separate interview, the tech researcher said that “the bug can be exploited for RCE [remote code execution] but would then need a separate sandbox escape” to run code on an underlying operating system.

“However, most likely it can also be exploited for UXSS [universal cross-site scripting] which might be enough depending on the attacker’s goals,” he added.

Reports revealed that the vulnerability could be exploited to attack cryptocurrency owners. However, the tech researcher from Google said that he has no insight into the attacks.

“I don’t have any insights into the active exploitation part. I found and then reported the bug on April 15,” the Google security researcher said.

Firefox launches Enhanced Tracking Protection

Meanwhile, Mozilla has also renewed its commitment to protecting user data from unauthorized mining and tracking by advertisers.

“It’s been several weeks since I was promoted to Senior Vice President of Firefox, responsible for overall Firefox product and web platform development. As a long-time employee with 10+ years, I’ve seen a lot of things within the tech industry from data breaches, net neutrality, and the rise and fall of tech companies. I believe that Firefox has and will continue to make a big impact in building the necessary protections to keep people safe online,” said Dave Camp, Senior VP of Firefox, in a press release.

According to Firefox, Enhanced Tracking Protection will be turned on by default in the browsers of those who have newly installed Firefox. The feature will block sites from tracking the user for whatever purpose, especially retargeting and other forms of advertising. It will block known “third-party tracking cookies” according to the Disconnect list.
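As an added illustration (not Mozilla's code and not part of the original article), the following JavaScript models the decision described above: a cookie is blocked only when the request is third-party relative to the page being visited and the request host is on the tracker list. The list entries, function names and the two-label domain heuristic are assumptions made for the example.

```javascript
// Constructed sample data standing in for a tracker list; these are
// not entries from the real Disconnect list.
const TRACKER_LIST = {
  "Example Ads Co": ["ads.example", "adcdn.example"],
  "Example Analytics": ["metrics.example"],
};

// Assumption: the last two labels form the registrable domain. A real
// browser consults the Public Suffix List (needed for e.g. "co.uk").
function baseDomain(host) {
  return host.toLowerCase().split(".").slice(-2).join(".");
}

// Return the owning company if host equals, or is a subdomain of, a
// listed domain. The "." prefix stops "notads.example" from matching.
function trackerOwner(host) {
  const h = host.toLowerCase();
  for (const [company, domains] of Object.entries(TRACKER_LIST)) {
    if (domains.some((d) => h === d || h.endsWith("." + d))) return company;
  }
  return null;
}

// Decide whether cookies are blocked for a request made from a page.
function cookieDecision(pageUrl, requestUrl) {
  const pageHost = new URL(pageUrl).hostname;
  const reqHost = new URL(requestUrl).hostname;
  const thirdParty = baseDomain(pageHost) !== baseDomain(reqHost);
  const owner = trackerOwner(reqHost);
  // A listed company is left alone when the user visits it directly.
  return { blocked: thirdParty && owner !== null, thirdParty, owner };
}

// Companies whose cookies were blocked on one page load, the kind of
// per-site summary a browser can show the user.
function blockedCompanies(pageUrl, requestUrls) {
  const seen = new Set();
  for (const u of requestUrls) {
    const d = cookieDecision(pageUrl, u);
    if (d.blocked) seen.add(d.owner);
  }
  return [...seen].sort();
}
```

The same listed domain is treated differently depending on context: embedded in another site it is blocked, visited directly it is not.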

Enhanced Tracking Protection will be practically invisible to users, who will only notice that it is operating when they visit a site and see a shield icon in the address bar, next to the URL and the small “i” icon.

“When you see the shield icon, you should feel safe that Firefox is blocking thousands of companies from your online activity,” Camp added.

Users can also check what companies are included in the blocked trackers by clicking the shield icon, and going to the Content Blocking section, then Cookies. It should read Blocking Tracking Cookies. Then, click on the arrow on the right-hand side, and users will see the companies listed as third-party cookies and trackers that Firefox has blocked. If users want to turn off blocking for a specific site, they can click on the Turn off Blocking for this Site button.

Furthermore, Camp said that Enhanced Tracking Protection would be rolled out by default to existing users in the coming months, without users having to do anything to activate it.

“If you can’t wait, you can turn this feature on by clicking on the menu icon marked by three horizontal lines at the top right of your browser, then under Content Blocking. Go to your privacy preferences and click on the Custom gear on the right side. Mark the Cookies checkbox and make sure that ‘Third-party trackers’ is selected,” Camp advised.
