Firefox Quantum is a great browser, but it has a security flaw.
A Cisco report published Tuesday and spotted by The Hacker News revealed a Mozilla Firefox vulnerability that could allow hackers to remotely mess with users' computers.
Due to "insufficient sanitization of HMTL fragments in chrome-privileged documents," hackers could execute malicious code in users' systems by persuading the user to open a link or file. This could potentially allow hackers to install programs, change passwords, and compromise users' data.
The vulnerability affects anyone who uses Firefox on desktop — Firefox for iOS, Android, and Amazon Fire TV is not affected.
However, Mozilla (like its browser) is speedy, and all is not lost.
The company has released an update to address the vulnerability: Firefox 58.0.1. This is the first update to Mozilla's new Firefox Quantum Browser, Firefox 58, which rolled out last week.
While Firefox Quantum doesn't have as large a user base as Google Chrome, this vulnerability is still bad news for a lot of people. Quantum's first iteration had over 170 million downloads and half a billion hours of daily use less than a month after its launch. The company also claims that "millions of users" continue to download the browser every day.
Luckily for these users, there's no evidence that anyone's data have suffered because of the vulnerability. "We don’t have any evidence of it being known or exploited in the wild," a Mozilla spokesperson told Mashable. "
But you should still update so you're not the first. "As the Meltdown/Spectre issue recently demonstrated, however, it does not take motivated hackers long to figure out a flaw based on the patches for it. All users of any internet-connected software should install security updates when they are available."
If you're a Firefox user, download the update on Mozilla's website. It can also be found in Mozilla's open-source repository.