Firefox Zero-day (CVE-2024-9680) #227
Comments
|
We will update as quickly as possible, but the disclosed vulnerabilities do not immediately put your device at risk. |
|
It's been 1 month |
|
Update: It's been confirmed it is being exploited in the wild. |
|
So... |
|
Oct 11, 'as quick as possible'. December 9... |
|
Hello, after three months the urge to get the latest version is slowly rising. |
|
im still waiting, for now i temporarily use Firefox mainline |
|
Latest update to my system purged this from existence as it should |
|
FYI Arch repos are now just a redirect to plain firefox due to this |
|
^ This is the way 👌 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Recently Firefox patched the CVE-2024-9680 zero-day in the following versions:
Currently Mercury is based on Firefox 192.0.02 which means it's vulnerable. My suggestion is due to low update activity to switch to Firefox's ESR release due to their slower, but more stable release cycle also reducing the need for you to update Mercury, if not at least update the browser to the latest Firefox version with the vulnerabilities patched, because according to Mozilla the vulnerability is already being exploited.
The text was updated successfully, but these errors were encountered: