Mozilla Releases Security Updates for Firefox
Summary
Critical advisory addresses one exploited vulnerability that affects Firefox on Windows
Affected platforms
The following platforms are known to be affected:
Threat details
Introduction
Mozilla has released security updates to address one critical vulnerability in Firefox and Firefox ESR.
Following the recent Chrome sandbox escape (CVE-2025-2783), various Firefox developers identified a similar pattern in Firefox's Inter-process Communication (IPC) code. A compromised child process could cause the parent process to return an unintentionally powerful handle, leading to a sandbox escape.
Exploitation of original Google Chrome vulnerability CVE-2025-2783
Google has observed exploitation of CVE-2025-2783 in the wild. More information can be found in Cyber Alert CC-4639.
Remediation advice
Affected organisations are encouraged to review the Mozilla Foundation Security Advisory mfsa2025-19 and apply the relevant updates.
Definitive source of threat updates
Last edited: 28 March 2025 3:07 pm