Welcome to DU! The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards. Join the community: Create a free account Support DU (and get rid of ads!): Become a Star Member Latest Breaking News Editorials & Other Articles General Discussion The DU Lounge All Forums Issue Forums Culture Forums Alliance Forums Region Forums Support Forums Help & Search

Computer Help and Support

Passages

(3,305 posts) Fri Mar 28, 2025, 08:21 AM Mar 2025

Mozilla Patches Critical Firefox Bug Similar to Chrome's Recent Zero-Day Vulnerability [View all]

Mar 28, 2025

Ravie Lakshmanan

Mozilla has released updates to address a critical security flaw impacting its Firefox browser for Windows, merely days after Google patched a similar flaw in Chrome that came under active exploitation as a zero-day.

The security vulnerability, CVE-2025-2857, has been described as a case of an incorrect handle that could lead to a sandbox escape.

"Following the recent Chrome sandbox escape (CVE-2025-2783), various Firefox developers identified a similar pattern in our IPC [inter-process communication] code," Mozilla said in an advisory.

SNIP
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has since added the flaw to its Known Exploited Vulnerabilities (KEV) catalog, requiring that federal agencies apply the necessary mitigations by April 17, 2025.

https://thehackernews.com/2025/03/mozilla-patches-critical-firefox-bug.html?_m=3n%2e009a%2e3627%2eqb0ao44uux%2e2njc

2 replies

= new reply since forum marked as read

Highlight:

Mozilla Patches Critical Firefox Bug Similar to Chrome's Recent Zero-Day Vulnerability [View all] Passages Mar 2025 OP

Been a whirlwind week bucolic_frolic Mar 2025 #1

FireFox Maninacan Mar 2025 #2