[MacTUG] a firefox security patch for Macs

Thu Jul 4 11:55:06 EDT 2019

Title: Firefox patches critical zero-day used to target Macs
Description: Firefox patched a series of bugs in its latest update, but most notably fixed a vulnerability that attackers exploited to install cryptocurrency miners. Last week, the web browser released a fix for a code-execution vulnerability in a JavaScript programming method known as "Array.pop," and then a sandbox breakout bug the next day. Two new Snort rules from Talos protect against the Array vulnerability.
Reference: https://arstechnica.com/information-technology/2019/06/potent-firefox-0day-used-to-install-undetected-backdoors-on-macs/<https://click.email.sans.org/?qs=f9f03173671e1683e1195b0dbabba19a7a7edf5b819e2929c90f80f6a63b744e3090b74a3f093d7f95c546a91b25c560011b1bb6953f1377>

________________________________
From: Edward Chrzanowski
Sent: Thursday, July 4, 2019 9:46:34 AM
To: MacTUG at lists.uwaterloo.ca.ca
Subject: a firefox security patch for Macs

Title: Firefox patches critical zero-day used to target Macs
Description: Firefox patched a series of bugs in its latest update, but most notably fixed a vulnerability that attackers exploited to install cryptocurrency miners. Last week, the web browser released a fix for a code-execution vulnerability in a JavaScript programming method known as "Array.pop," and then a sandbox breakout bug the next day. Two new Snort rules from Talos protect against the Array vulnerability.
Reference: https://arstechnica.com/information-technology/2019/06/potent-firefox-0day-used-to-install-undetected-backdoors-on-macs/<https://click.email.sans.org/?qs=f9f03173671e1683e1195b0dbabba19a7a7edf5b819e2929c90f80f6a63b744e3090b74a3f093d7f95c546a91b25c560011b1bb6953f1377>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.uwaterloo.ca/pipermail/mactug/attachments/20190704/2604898c/attachment.html>