Kev txij nkawm tso tawm ntawm Firefox 97.0.2 thiab 91.6.1 yog muaj, kho ob qhov tsis zoo uas tau raug ntsuas raws li qhov teeb meem tseem ceeb. Cov kev tsis zoo no tso cai rau koj hla kev cais sandbox thiab ua tiav koj cov cai nrog cov cai browser thaum ua cov ntsiab lus tshwj xeeb tsim. Nws tau hais tias rau ob qho teeb meem ntawm kev ua haujlwm ntawm kev ua haujlwm tau raug txheeb xyuas uas twb tau siv los ua kev tawm tsam.
Cov ntsiab lus tseem tsis tau nthuav tawm, nws tsuas yog paub tias thawj qhov muaj qhov tsis zoo (CVE-2022-26485) cuam tshuam nrog kev nkag mus rau thaj chaw nco tau tso tawm (Siv-tom qab-dawb) hauv cov cai rau kev ua XSLT parameter, thiab qhov thib ob. (CVE-2022-26486) nrog rau kev nkag mus rau lub cim xeeb uas twb tso tawm hauv WebGPU IPC lub moj khaum.
Txhua tus neeg siv ntawm browsers raws li lub cav Firefox raug pom zoo kom nruab qhov hloov tshiab tam sim ntawd. Cov neeg siv ntawm Tor Browser raws li ESR ceg ntawm Firefox 91 yuav tsum tau ceev faj tshwj xeeb thaum txhim kho qhov hloov tshiab, vim tias qhov tsis zoo tuaj yeem ua rau tsis yog kev cuam tshuam ntawm lub kaw lus, tab sis kuj rau de-anonymization ntawm tus neeg siv. Ib qho kev hloov tshiab uas tshem tawm qhov tsis zoo ntawm cov lus nug tseem tsis tau tsim rau Tor Browser.
Tau qhov twg los: opennet.ru