Mozilla Foundation Security Advisories

Would appreciate having an opinion on just how concerned one should be about these reported 64/60.4 vulnerabilities, those marked as impact "high," and especially the one marked "critical." How likely are they to be exploited? Is it likely that they will remain proof-of-concept only?

For any of these, as well as any earlier similar vulnerabilities noted with "Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code," and "potentially exploitable crash," has anything ever been seen in the wild?

And finally, is NoScript, which I am running, and by which I pay attention to any dodgy scripts, likely to prevent any exploits which might develop out of these bugs?

 

>>If the coders are concerned about being exploited, that's good enough for me.
Any software has bugs and bugs can be exploited by determined hackers.
Seems to me, updating when updates are suggested, will eliminate a lot of worry.

Thanks, already updated for FF 60.4, but awaiting corresponding patches for Waterfox 56.2.5, which I prefer since it has retained all my XUL "legacy" addons. Basically, wanted to know whether I should temporarily switch to FF until patches arrive for WF--my perennial question whenever in this situation.

Looks like switching to FF in the interim, which I usually do, not a bad idea.

 

March 22, 2019
MFSA 2019-10 Security vulnerabilities fixed in Firefox 60.6.1
MFSA 2019-09 Security vulnerabilities fixed in Firefox 66.0.1

 

May 21, 2019
MFSA 2019-14 Security vulnerabilities fixed in Firefox ESR 60.7
MFSA 2019-13 Security vulnerabilities fixed in Firefox 67