Just a day after releasing Firefox 72, the Mozilla Foundation released a new security update 72.0.1 that addresses a critical security vulnerability under active attack.
On Tuesday this week, Mozilla introduced Firefox 72 with built-in browser fingerprinting protections and also fixes for 11 security vulnerabilities.
However, Mozilla released on January 8 a security update 72.0.1 to fix a vulnerability in the IonMonkey JIT compiler (CVE-2019-17026).
“Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion. We are aware of targeted attacks in the wild abusing this flaw,” Mozilla said in the advisory.