Mozilla 发布 Firefox 的安全更新, 通过 CVE-2024-9680 错误修复远程代码执行. Mozilla releases security update for Firefox to fix remote code execution via CVE-2024-9680 bug.
Mozilla公布了Firefox的紧急安全最新情况,解决了严重的脆弱性问题(CVE-2024-9680),使攻击者能够在动画时间表中通过无害虫远程执行代码。 Mozilla has released an urgent security update for Firefox, addressing a critical vulnerability (CVE-2024-9680) that allows attackers to execute code remotely through a use-after-free bug in animation timelines. 这一漏洞影响了Firefox的标准版本和扩展支持版本. Discovered by ESET's Damien Schaeffer, this flaw affects both standard and Extended Support Release versions of Firefox. 建议用户立即更新第131.0.2版或有关的ESR版本,以防潜在利用。 Users are advised to update to version 131.0.2 or relevant ESR versions immediately to safeguard against potential exploitation.