Skip to main content
  1. Home
  2. News

The U.S. government says you need to update Firefox right now

By

If you use the Mozilla Firefox web browser, the government recommends that you update the browser because of a zero-day vulnerability that could enable hackers to take control of your computer. 

The United States Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) is encouraging those with the Firefox browser to update to versions 72.0.1 and ESR 68.4.1.

Recommended Videos

“Mozilla has released security updates to address a vulnerability in Firefox and Firefox ESR. An attacker could exploit this vulnerability to take control of an affected system. This vulnerability was detected in exploits in the wild,” CISA’s statement published on Wednesday reads. 

Related: 
The 8 best TVs for gaming in 2025, as vetted by our experts

Mozilla is aware of the vulnerability and issued a fix for it in the latest update version on Wednesday, January 8. The zero-day vulnerability (CVE-2019-17026) was labeled by the company as “critical” and could have allowed potential hackers an open door to access people’s browsers and computers. The company said that hackers actively engaging in “targeted attacks” against the exploit, meaning you could be at serious risk if you don’t update your browser as soon as possible. 

Mozilla said that Chinese cybersecurity firm Qihoo 360 found and reported the vulnerability to the company.

According to Forbes, a zero-day vulnerability means “a security vulnerability that is not known to the product vendor or security researchers but, crucially, is known to threat actors who can then exploit it.”

How to update Firefox

Updating your Firefox browser to protect you from this vulnerability is simple: 

  1. Go to your browser’s menu bar and click About Firefox.
  2. A new window will open and will begin to check for any updates, downloading them automatically.
  3. Once the download is complete, be sure to click Restart to update Firefox to make sure you are using the latest version (72.0.1). 

Despite this vulnerability, Firefox is a close runner-up to Google Chrome for Digital Trends’ pick for the best web browser. Firefox is more privacy-centric than Chrome and is comparably fast. 

Firefox has made recent updates in the last month that include better privacy protections with anti-tracker support, improved password syncing across devices, and integrated breach alerts.

In November, Firefox also made an update in Firefox 70 that allows you to hide notification permission pop-ups that can get annoying. 

Digital Trends reached out to Mozilla to find out more about the vulnerability, and what could have caused it. We will update this story once we hear back. 

Allison Matyus
Allison Matyus
Allison Matyus is a general news reporter at Digital Trends. She covers any and all tech news, including issues around social…
Topics

Editors’ Recommendations

Gemini brings a fantastic PDF superpower to Files by Google app
step of Gemini processing a PDF in Files by Google app.

Google is on a quest to push its Gemini AI chatbot in as many productivity tools as possible. The latest app to get some generative AI lift is the Files by Google app, which now automatically pulls up Gemini analysis when you open a PDF document.

The feature, which was first shared on the r/Android Reddit community, is now live for phones running Android 15. Digital Trends tested this feature on a Pixel 9 running the stable build of Android 15 and the latest version of Google’s file manager app.

Read more
Disney co-chairman reveals why The Acolyte was canceled after one season
Sol wields his lightsaber in The Acolyte episode 8.

Lucasfilm may be in the midst of experiencing a wave of positive attention and success thanks to its latest TV series, Skeleton Crew, but the Jude Law-starring sci-fi show isn't the only Star Wars title that has premiered on Disney+ this year. This past summer, Lucasfilm also debuted The Acolyte, a Sith-centric show set around 100 years before the events of Star Wars: Episode I - The Phantom Menace. Across its eight episodes, the series proved to be critically divisive, and it was only a month after The Acolyte's finale aired that Disney and Lucasfilm announced they would not be bringing the show back for a second season.

In a recent interview with Vulture, Disney Entertainment co-chairman Alan Bergman shed some light on the behind-the-scenes decision to cancel The Acolyte after just one season. "As it relates to Acolyte, we were happy with our performance, but it wasn’t where we needed it to be given the cost structure of that title, quite frankly, to go and make a season 2," Bergman revealed. "That’s the reason why we didn’t do that."

Read more
James Gunn calls Creature Commandos episode the saddest thing he’s ever written
james gunn calls creature commandos weasel episode saddest thing ever written sits at the bottom of a staircase in

Creature Commandos has been splitting its time as of late between the past and present. Its recent episodes have both propelled the show's present-day plot forward and also explored the pasts of characters like The Bride (Indira Varma) and G.I. Robot (Sean Gunn), offering new insights into the tragic events that shaped their identities and led them to their current circumstances. Creature Commandos' fourth and most recent episode, Chasing Squirrels, does the same for Weasel (also Sean Gunn), revealing the horrifying reasons the character was incorrectly blamed for the deaths of multiple schoolchildren.

The episode refrains from explaining what Weasel is or how the character came to be, but it doesn't shy away from the gruesome and tragic details of the "crime" that turned him into a full-blown monster in society's eyes. In an interview with Variety, Creature Commandos creator and DC Studios co-CEO James Gunn reflected on the episode, which is emotionally and narratively dark, even by the Guardians of the Galaxy Vol. 3 filmmaker's standards.

Read more