Firefox and Chrome Updates Patch High-Severity Vulnerabilities

Rohan Timalsina

November 8, 2023 - TuxCare expert team

Mozilla and Google have recently released important security updates for their web browsers, Firefox and Chrome. These updates include patches for several vulnerabilities, including some potentially harmful memory safety bugs.

First, let’s talk about Firefox. Mozilla released Firefox 119, which fixes a total of 11 vulnerabilities, including three high-severity issues. One of these high-severity problems, CVE-2023-5721, is an insufficient activation-delay bug: browser prompts and dialogs could be unintentionally activated or dismissed, potentially leading to clickjacking. The good news is that Mozilla has patched this issue.

Firefox 119 also addresses a couple of memory safety issues, specifically tracked as CVE-2023-5730 and CVE-2023-5731. These issues could potentially allow attackers to execute arbitrary code on your system. In addition to these, the update addresses seven medium-severity flaws that could lead to problems like header leakage, crashes, unexpected errors, opening of arbitrary URLs, obscured full-screen notifications, and bypassing of download protections.

In addition to Firefox 119, Mozilla has also released Firefox ESR 115.4 and Thunderbird 115.4.1, both of which include fixes for eight of the vulnerabilities fixed in Firefox 119, including CVE-2023-5721 and CVE-2023-5730. Fortunately, Mozilla hasn’t received any reports of these vulnerabilities being exploited in malicious attacks.

 

Chrome Updates Fix Vulnerabilities

 

Now, let’s turn our attention to Chrome. Google released an update for Chrome that takes care of two vulnerabilities, one of which is a high-severity issue reported by an external researcher. This specific flaw, known as CVE-2023-5472, is described as a use-after-free issue in Profiles. Google recognized the importance of this discovery by rewarding the researcher with $3,000. Use-after-free bugs in Chrome can be used to escape the browser’s security boundaries and potentially execute code on your computer’s operating system. However, it’s worth noting that Google has not found any evidence of this vulnerability being exploited in the wild.

 

Final Thoughts

 

These updates are a crucial part of maintaining the security and reliability of your web browsing experience. Linux distributions like Ubuntu and Debian have already released security updates for Firefox and Chrome packages to address these vulnerabilities. To ensure your online safety, it’s a good practice to update your web browser regularly.

For Firefox, you can update to version 119; for Chrome, ensure you have the latest version, which may vary depending on your operating system. You can stay safe from potential online threats by remaining up-to-date with these browser updates.
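To confirm that an installed Mozilla build is at or above the fixed releases named above (Firefox 119, Firefox ESR 115.4, Thunderbird 115.4.1), a small check like the following can be used. It is an added example, not code from the article or from Mozilla; the function names are hypothetical, and it assumes the version line has the form `Mozilla Firefox 119.0` or `Mozilla Firefox 115.4.0esr`, as printed by `firefox --version`.

```shell
#!/bin/sh
# Added example: compare a reported version line with the fixed releases
# named in the article. Sample lines below are constructed.

# version_ge A B: succeed if dotted version A >= B (missing fields count as 0).
version_ge() {
    a=$1; b=$2
    while [ -n "$a" ] || [ -n "$b" ]; do
        x=${a%%.*}; y=${b%%.*}
        if [ "${x:-0}" -gt "${y:-0}" ]; then return 0; fi
        if [ "${x:-0}" -lt "${y:-0}" ]; then return 1; fi
        case $a in *.*) a=${a#*.} ;; *) a= ;; esac
        case $b in *.*) b=${b#*.} ;; *) b= ;; esac
    done
    return 0
}

# check_version "<version line>": prints patched, outdated or unknown.
# Assumption: the version is the last word of the line.
check_version() {
    line=$1
    raw=${line##* }            # last word, e.g. 119.0 or 115.4.0esr
    num=${raw%%[!0-9.]*}       # keep the leading numeric part only
    case $line in
        *Thunderbird*) min=115.4.1 ;;
        *Firefox*)
            case $raw in
                *esr) min=115.4 ;;   # ESR branch
                *)    min=119 ;;     # regular release branch
            esac ;;
        *) echo unknown; return 0 ;; # no fixed version given for this product
    esac
    if [ -z "$num" ]; then echo unknown; return 0; fi
    if version_ge "$num" "$min"; then echo patched; else echo outdated; fi
}

# Constructed sample lines; on a real host pass "$(firefox --version)" instead.
for sample in "Mozilla Firefox 119.0" "Mozilla Firefox 118.0.2" \
              "Mozilla Firefox 115.4.0esr" "Mozilla Thunderbird 115.4.0"; do
    printf '%s -> %s\n' "$sample" "$(check_version "$sample")"
done
```

A regular Firefox release on the 115 branch is reported as outdated, because only the ESR build of 115.4 carries the fixes.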

 

The sources for this article include a story from SecurityWeek.
