Firefox 97.0.2 thiab 91.6.1 tam sim no muaj nrog kev kho rau ob qhov tsis zoo uas tau ntsuas tias tseem ceeb. Cov qhov tsis zoo no tso cai rau cov neeg tawm tsam hla kev cais sandbox thiab ua cov lej nrog cov cai browser thaum ua cov ntsiab lus tshwj xeeb. Nws tau hais tias kev siv tsis raug tau txheeb xyuas rau ob qho teeb meem, uas twb tau siv los ua kev tawm tsam.
Cov ntsiab lus tseem tsis tau qhia tawm, tab sis paub tias qhov tsis muaj zog thawj zaug (CVE-2022-26485) muaj feem cuam tshuam nrog kev nkag mus rau thaj chaw nco uas twb tau tso tawm lawm (Use-after-free) hauv cov lej rau kev ua cov txheej txheem XSLT parameter, thiab qhov thib ob (CVE-2022-26486) muaj feem cuam tshuam nrog kev nkag mus rau lub cim xeeb uas twb tau tso tawm lawm hauv WebGPU IPC framework.
Txhua tus neeg siv cov browsers uas siv Firefox raug qhia kom nruab cov hloov tshiab tam sim ntawd. Cov neeg siv Tor Browser, uas yog raws li ceg Firefox 91 ESR, yuav tsum ceev faj tshwj xeeb thaum nruab cov hloov tshiab, vim tias qhov tsis muaj zog tsis yog tsuas yog ua rau lub kaw lus puas tsuaj xwb tab sis kuj tseem ua rau tus neeg siv tsis qhia npe. Kev hloov tshiab rau Tor Browser uas daws cov teeb meem no tseem tsis tau tso tawm.
Tau qhov twg los: opennet.ru
