# Mozilla Firefox 97.0.2 fixes two actively exploited zero- day bugs **[bleepingcomputer.com/news/security/mozilla-firefox-9702-fixes-two-actively-exploited-zero-day-bugs/](https://www.bleepingcomputer.com/news/security/mozilla-firefox-9702-fixes-two-actively-exploited-zero-day-bugs/)** Lawrence Abrams By [Lawrence Abrams](https://www.bleepingcomputer.com/author/lawrence-abrams/) March 6, 2022 02:23 PM 0 Mozilla has released Firefox 97.0.2, Firefox ESR 91.6.1, Firefox for Android 97.3.0, and Focus 97.3.0 to fix two critical zero-day vulnerabilities actively exploited in attacks. Both zero-day vulnerabilities are "Use-after-free" bugs, which is when a program tries to use memory that has been previously cleared. When threat actors exploit this type of bug, it can cause the program to crash while at the same time allowing commands to be executed on the device without permission. These bugs are critical because they could allow a remote attacker to execute almost any command, including the downloading of malware to provide further access to the device. The zero-day vulnerabilities fixed by Mozilla are: ----- **CVE-2022-26485: Use-after-free in XSLT parameter processing - Removing an XSLT** parameter during processing could have lead to an exploitable use-after-free. We have had reports of attacks in the wild abusing this flaw. **CVE-2022-26486: Use-after-free in WebGPU IPC Framework - An unexpected** message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape. We have had reports of attacks in the wild abusing this flaw. [As Mozilla's security advisory explains, the Firefox developers are aware of "reports of](https://www.mozilla.org/en-US/security/advisories/mfsa2022-09/#CVE-2022-26485) attacks in the wild" actively exploiting these vulnerabilities. While Mozilla has not shared how threat actors use these zero-day vulnerabilities in attacks, it was likely done by redirecting Firefox users to maliciously crafted web pages. These vulnerabilities were discovered and disclosed to Mozilla by Chinese cybersecurity company Qihoo 360 ATA. Due to the critical nature of these bugs, and they are being actively exploited, it is strongly recommended that all Firefox users update their browsers immediately. You can also download the latest version of Mozilla Firefox for Windows, macOS, and Linux from the following links: [Firefox 97.0.2 for Windows 64-bit](https://download.mozilla.org/?product=firefox-latest-ssl&os=win64&lang=en-US) [Firefox 97.0.2 for Windows 32-bit](https://download.mozilla.org/?product=firefox-latest-ssl&os=win&lang=en-US) [Firefox 97.0.2 for macOS](https://download.mozilla.org/?product=firefox-latest-ssl&os=osx&lang=en-US) [Firefox 97.0.2 for Linux 64-bit](https://download.mozilla.org/?product=firefox-latest-ssl&os=linux64&lang=en-US) [Firefox 97.0.2 for Linux 32-bit](https://download.mozilla.org/?product=firefox-latest-ssl&os=linux&lang=en-US) Users can manually check for new updates by going to the Firefox menu > Help > About **Firefox. Firefox will then automatically check for and install the latest update and prompt** you to restart your browser. ## Related Articles: [Google Chrome emergency update fixes zero-day used in attacks](https://www.bleepingcomputer.com/news/security/google-chrome-emergency-update-fixes-zero-day-used-in-attacks/) [Mozilla fixes Firefox, Thunderbird zero-days exploited at Pwn2Own](https://www.bleepingcomputer.com/news/security/mozilla-fixes-firefox-thunderbird-zero-days-exploited-at-pwn2own/) [CISA adds 41 vulnerabilities to list of bugs used in cyberattacks](https://www.bleepingcomputer.com/news/security/cisa-adds-41-vulnerabilities-to-list-of-bugs-used-in-cyberattacks/) [Cisco urges admins to patch IOS XR zero-day exploited in attacks](https://www.bleepingcomputer.com/news/security/cisco-urges-admins-to-patch-ios-xr-zero-day-exploited-in-attacks/) [Microsoft Teams, Windows 11 hacked on first day of Pwn2Own](https://www.bleepingcomputer.com/news/security/microsoft-teams-windows-11-hacked-on-first-day-of-pwn2own/) [Actively Exploited](https://www.bleepingcomputer.com/tag/actively-exploited/) ----- [Firefox](https://www.bleepingcomputer.com/tag/firefox/) [Mozilla](https://www.bleepingcomputer.com/tag/mozilla/) [Vulnerability](https://www.bleepingcomputer.com/tag/vulnerability/) [Web Browser](https://www.bleepingcomputer.com/tag/web-browser/) [Zero-Day](https://www.bleepingcomputer.com/tag/zero-day/) [Lawrence Abrams](https://www.bleepingcomputer.com/author/lawrence-abrams/) Lawrence Abrams is the owner and Editor in Chief of BleepingComputer.com. Lawrence's area of expertise includes Windows, malware removal, and computer forensics. Lawrence Abrams is a co-author of the Winternals Defragmentation, Recovery, and Administration Field Guide and the technical editor for Rootkits for Dummies. [Previous Article](https://www.bleepingcomputer.com/offer/deals/hone-your-aws-and-virtualization-skills-with-this-training-bundle/) [Next Article](https://www.bleepingcomputer.com/offer/deals/hone-your-linux-skills-with-this-coding-training-bundle/) Post a Comment [Community Rules](https://www.bleepingcomputer.com/posting-guidelines/) You need to login in order to post a comment [Not a member yet? Register Now](https://www.bleepingcomputer.com/forums/index.php?app=core&module=global§ion=register) ## You may also like: -----