Tech

Firefox and Windows zero-day security bugs hit by Russian hackers, so be on your guard

Share
Share


  • ESET discovers two zero-day vulnerabilities that can lead to remote code execution
  • The researchers spot Russian hackers abusing the flaws to deploy backdoors
  • Fixes for both flaws are already available to download

A Russian advanced persistent threat (APT) group known as RomCom has been exploiting two zero-day vulnerabilities to hit its victims with potent backdoor malware, security experts have said.

ESET said its researchers first found a use-after-free bug in the animation timeline feature in Firefox. Since the bug forces the browser to use memory that has already been freed, it can lead to all sorts of undefined behavior, including executing code in the restricted context of the browser. This bug was discovered on October 8, and was assigned CVE-2024-9680. It was fixed a day later, on October 9.

Share

Leave a comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Related Articles
Here’s why 100TB+ SSDs will play a huge role in ultra large language models in the near future
Tech

Here’s why 100TB+ SSDs will play a huge role in ultra large language models in the near future

Kioxia reveals new project called AiSAQ which wants to substitute RAM with...

The impact of electrifying heavy-duty vehicles on the grid
Tech

The impact of electrifying heavy-duty vehicles on the grid

Credit: Pixabay/CC0 Public Domain Electric heavy-duty vehicles offer significant advantages, including reduced...

Trump launches his own meme coin, value soars
Tech

Trump launches his own meme coin, value soars

US President-elect Donald Trump has launched his own meme coin. US President-elect...