Yoroi-Cybaze: new zero-day vulnerability uncovered on Mozilla Firefox, and already used for targeted attacks, in order to inoculate malware. Install the security patch now

A new zero-day vulnerability has been discovered on Mozilla Firefox, which has already caused several targeted cyber attacks. Yoroi-Cybaze cyber security experts report it. According to the researchers, the problem originated from the fallacious management of some aliases during the enhancement of vectors and arrays within the browser’s JavaScript engine. This circumstance can be exploited by remote attackers to execute arbitrary code and install malware inside the victim’s computer, for example following the opening of special links, browsing on compromised websites or in Watering-Hole attack scenarios. The manufacturer confirmed the criticality with the MFSA2020-03 bulletin and released browser versions capable of solving the problem. As a result, it is highly recommended to install security patches as soon as possible to thwart possible cybercrime attacks.