Firefox 73 Released – Added NextDNS in Firefox DNS over HTTPS & Several Security Vulnerabilities are Fixed

Mozilla released Firefox 73 with several security patch updates for the vulnerabilities that affected the previous version of Firefox.

Firefox 73 addressed and fixed 6 vulnerabilities that include, 3 “High” severity vulnerabilities and 3 “Moderate” severity vulnerabilities.

You can update your Firefox by Checking update in Help -> About Firefox -> Firefox Automatically Check the Update.

Mozilla also added NextDNS in Firefox along with Cloudflare as an additional provider with DNS over HTTPS that provides an encryption connection for every DNS request from users and prevents monitoring and tracking by governments and the Internet providers.

To enable DNS over HTTPS and configure it to use NextDNS, you can go to Options -> General -> Network Settings.

Firefox Security Updates

A memory corruption vulnerability affected due to Missing bounds check on shared memory read in the parent process that causes crash reporting information, crash itself, and cause an out-of-bound write.

Successfully exploit this vulnerability potentially allows a remote attacker to execute arbitrary code on the target system that leads to crash the browser, and the vulnerability can be tracked as CVE-2020-6796.

Mozilla developers also reported an another 2 memory safety bugs present in Firefox 72 and Firefox ESR 68.4.

According to Mozilla report, “Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.”

You can download Firefox 73 from the following links:

Also Read: Top 10 Dangerous DNS Attacks Types and The Prevention Measures

Balaji N

BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

View Comments

Recent Posts

GoTitan Botnet Actively Exploiting Apache ActiveMQ Vulnerability

Attackers are exploiting the recently discovered critical security vulnerability tracked as (CVE-2023-46604) affecting Apache ActiveMQ…

16 hours ago

Cybercriminals are Showing Hesitation to Utilize AI When Executing Cyber Attacks

Media reports highlight the sale of LLMs like WormGPT and FraudGPT on underground forums. Fears…

17 hours ago

Vigil: Open-source Security Scanner for LLM Models Like ChatGPT

An open-source security scanner, developed by Git Hub user Adam Swanda, was released to explore…

17 hours ago

Slovenia’s Biggest Power Provider has Suffered a Cyberattack

One of Slovenia's major power providers, HSE, has recently fallen victim to a significant cyberattack.…

18 hours ago

Genesis Market Technique: Hackers Exploited Node.js and EV Certificates

In the labyrinthine landscape of cyber threats, the Trend Micro Managed XDR team has uncovered…

20 hours ago

Design Flaw in Domain-Wide Delegation Could Leave Google Workspace Vulnerable to Takeover – Hunters

BOSTON, MASS. and TEL AVIV, ISRAEL, November 28, 2023 - A severe design flaw in…

2 days ago