Two new zero-day flaws were found in Mozilla Firefox web browser CVE-2022-26485 and CVE-2022-26486
Reports say that both of these critical zero-day vulnerabilities in Firefox are been actively exploited.
The vendor Mozilla has pushed software updates to its these critical security vulnerabilities,
Affected Products: Firefox, Firefox ESR, Firefox for Android, Focus, Thunderbird
Solution: Upgrade to the latest versions:
- Firefox 97.0.2
- Firefox ESR 91.6.1
- Firefox for Android 97.3
- Focus 97.3
- Thunderbird 91.6.2
Security researchers Wang Gang, Liu Jialei, Du Sihang, Huang Yi, and Yang Kang of Qihoo 360 ATA have been credited with discovering and reporting the shortcomings.