Mozilla has recently launched Firefox 118, which addresses a total of nine security vulnerabilities. Notably, this release effectively resolves six high-severity vulnerabilities that were previously identified.
The majority of vulnerabilities identified are associated with memory-related concerns, which have the potential to result in exploitable crashes.
The vulnerabilities identified as CVE-2023-5168 and CVE-2023-5169 pertain to high-severity instances of Out-of-bounds writing in the PathOps and FilterNodeD2D1 components.
Implementing AI-Powered Email security solutions “Trustifi” can secure your business from today’s most dangerous email threats, such as Email Tracking, Blocking, Modifying, Phishing, Account Take Over, Business Email Compromise, Malware & Ransomware
It can be leveraged through the provision of compromised content, resulting in a potentially exploitable crash.
The vulnerability identified as CVE-2023-5170 pertains to a memory leak concern that has the potential to facilitate the creation of a sandbox escape, provided that the specific data required for leakage is obtained.
Another vulnerability with the identifier CVE-2023-5171 occurs during the garbage collection process and leads to a use-after-free condition.
Ion Engine has yet another memory corruption bug, CVE-2023-5171, that could be exploited to cause a crash.
Memory safety issues tracked as CVE-2023-5176, have been patched in Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3.
The identified software vulnerabilities possess the potential for exploitation by malicious actors, enabling the execution of arbitrary code.
Firefox 118 is considered a significant release due to the introduction of its built-in website translation feature.
- Automated translation of web content
- Web Audio in Firefox now uses the FDLIBM to improve anonymity
- Fonts to websites have been restricted to system fonts
- Video Effects and background blur are now available to Firefox users
- Add-on suggestions for US-based Users
With Firefox 118, Android users can now print web pages directly from the browser or the share menu, open user-pinned shortcuts in an already open tab if the tab’s URL is the same, and delete cookies and other site data via the “Cookies and site data” menu.