The vulnerabilities, labeled CVE-2022-26485 and CVE-2022-26486, are both use-after-free (UAF) vulnerabilities that were reported to Mozilla by Chinese Internet security company Qihoo 360. As Kaspersky highlights, these…
The big picture: Mozilla has released new versions of its Firefox browser that correct a pair of critical zero-day vulnerabilities. Both have already been actively exploited in the wild, so you’ll want to grab the patch ASAP to avoid exposure. The vulnerabilities, labeled CVE-2022-26485 and CVE-2022-26486, are both use-after-free (UAF) vulnerabilities that were reported to Mozilla by Chinese Internet security company Qihoo 360. As Kaspersky highlights, these types of vulnerabilities relate to the incorrect use of dynamic memory during a program’s execution.
