Making software is a vital and dynamic process. Even with lots of bug testing, beta-stages and so on it may always happen that errors occur after the product has been launched. The worst thing that may happen are Zero-Day-Exploits which do not only harm the security stage of the product but all the people using it. Today the Mozilla Foundation has informed of an possible Zero-Day-Exploit with an urgent need to update your Firefox-installation to the latest patch level, version 67.0.3.

The exploit (CVE-2019-11707) from today's June 18th, 2019 is marked as "critical" and affects all versions of Firefox and Firefox ESR. With an update (which should be mandatory!) you will push your Firefox-installation to version 67.0.3 while the ESR-branch will be updated to 60.7.1.

Mozilla describes the bug as "a type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. This can allow for an exploitable crash. We are aware of targeted attacks in the wild abusing this flaw." The bug itself is being referenced as "Bug 1544386". If you have the permissions to access this link, you may receive further information on this topic.

According to some other sources in the WWW, this security flaw has already been taken advantage of in the wild so all you should do now is to check wether your Firefox-installation is updated to the last version. If not, head on and go for the latest Firefox-build!