Summary
Mozilla released security updates for Firefox and Thunderbird to patch a high-severity heap buffer overflow (CVE-2026-2447) in the libvpx library that allows remote code execution via malformed video content.
Take Action:
If you're using Mozilla Firefox or Thunderbird enable automatic updates for your browsers and mail clients and force an update. Even if the flaw is not critical, it's still better to update the browser and email client - they are your windows into the internet. Since this vulnerability can be triggered just by visiting a website or playing a video, patching is your best defense.
Read the full article on BeyondMachines
This article was originally published on BeyondMachines
Top comments (0)