Friday 27 May 2022, Poradnik bezpieczeństwa

Mozilla is updating Firefox and Thunderbird after hacking security in the Pwn2Own hacking contest

Lost24

During the Pwn2Own hacking festival, Mozilla Firefox and Thunderbird security were hacked several times. Mainly, these were zero-day vulnerabilities, i.e. ones that no one had ever known about before.

One of the more interesting attacks as Mozilla says "An attacker could have sent a message to the parent process where the contents were used to double-index into a JavaScript object, leading to prototype pollution and ultimately attacker-controlled JavaScript executing in the privileged parent process,"

The winners received $100,000 for discovering bugs in Mozilla's software

Source: bleepingcomputer.com