Mozilla has released Firefox version 74.0.1 and Firefox Extended Support Release (ESR) 68.6.1 to address two critical vulnerabilities (CVE-2020-6819 and CVE-2020-6820). There are reports of targeted attacks exploiting these vulnerabilities.
These vulnerabilities exist due to use-after-free errors in Firefox browser components. Successful exploitation of these vulnerabilities could corrupt memory and allow an attacker to execute arbitrary code.
Users of affected products are advised to install the latest security updates immediately. All users are encouraged to enable the automatic update function to ensure prompt software updates are performed.
More information is available at: