Mozilla says Firefox developers have determined that their browser is affected by a critical vulnerability that is similar to the Chrome zero-day disclosed a few days ago. The issue, described as an incorrect handle, can allow a compromised child process to cause the parent process to “return an unintentionally powerful handle, leading to a sandbox escape”, Firefox developers said. The flaw only impacts Firefox for Windows and it has been patched.

Read more: https://www.securityweek.com/firefox-affected-by-flaw-similar-to-chrome-zero-day-exploited-in-russia/