Kulandela ukukhishwa kweFirefox 67.0.3 kanye ne-60.7.1 ukukhishwa okungeziwe kokulungisa okungu-67.0.4 no-60.7.2, okuqede usuku lwesibili lwe-0 (CVE-2019-11708), ekuvumela ukuthi udlule indlela yokuhlukanisa i-sandbox. Udaba lisebenzisa ukukhohlisa kwe-IPC Prompt:Vula ikholi ukuze uvule, ngenqubo yomzali engafakwa ebhokisini le-sandbox, okuqukethwe kwewebhu okukhethwe inqubo yengane. Uma kuhlanganiswe nobunye ubungozi, le nkinga ingadlula wonke amazinga okuvikela futhi ivumele ikhodi ukuthi isetshenziswe kusistimu.
Ubungozi buhlonzwe ekukhishweni okubili kokugcina kweFirefox ngaphambi kokuthi kulungiswe ukuhlela ukuhlaselwa kwabasebenzi be-Coinbase cryptocurrency exchange, kanye ukusabalalisa i-malware yesikhulumi se-macOS. ukuthi ulwazi olumayelana nokuba sengozini kokuqala luthunyelwe ku-Mozilla yilungu le-Google Project Zero emuva ngo-April 15 nangoJuni 10. enguqulweni ye-beta yeFirefox 68 (abahlaseli cishe bahlaziye ukulungiswa okushicilelwe futhi balungiselela ukuxhaphaza, besebenzisa elinye ithuba lokuba sengozini ukuze badlule ukuhlukaniswa kwebhokisi lesihlabathi).
Source: opennet.ru