Mozilla Patches Critical Firefox Bug Similar to Chrome’s Recent Zero-Day Vulnerability


Mar 28, 2025 | Ravie Lakshmanan | Zero-Day / Browser Security

Mozilla has released updates to address a critical security flaw affecting its Firefox browser for Windows, just days after Google patched a similar flaw in Chrome that came under active exploitation as a zero-day.

The security vulnerability, CVE-2025-2857, has been described as a case of an incorrect handle that could lead to a sandbox escape.

“Following the recent Chrome sandbox escape (CVE-2025-2783), various Firefox developers identified a similar pattern in our IPC [inter-process communication] code,” Mozilla said in an advisory.


“A compromised child process could cause the parent process to return an unintentionally powerful handle, leading to a sandbox escape.”

The shortcoming, which affects Firefox and Firefox ESR, has been addressed in Firefox 136.0.4, Firefox ESR 115.21.1, and Firefox ESR 128.8.1. There is no evidence that CVE-2025-2857 has been exploited in the wild.

The development comes as Google released Chrome version 134.0.6998.177/.178 for Windows to fix CVE-2025-2783, which has been exploited in the wild as part of attacks targeting media outlets, educational institutions, and government organizations in Russia.

Kaspersky, which detected the activity in mid-March 2025, said the infection occurred after unspecified victims clicked on a specially crafted link in phishing emails and the attacker-controlled website was opened using Chrome.

CVE-2025-2783 is said to have been chained together with another, as yet unknown, exploit in the web browser to break out of the confines of the sandbox and achieve remote code execution. That said, patching the bug effectively blocks the entire attack chain.


The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has since added the flaw to its Known Exploited Vulnerabilities (KEV) catalog, requiring that federal agencies apply the necessary mitigations by April 17, 2025.

Users are recommended to update their browser instances to the latest versions to safeguard against potential risks.
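The fixed builds named above (Firefox 136.0.4, ESR 115.21.1, ESR 128.8.1) and the update recommendation translate naturally into an inventory check. The script below is an added example, not Mozilla's code or anything from the advisory: it parses Firefox version strings, maps a build to its branch, and reports which installs are still below the fixed build for CVE-2025-2857. The ESR branch mapping (any 115.x or 128.x build is treated as ESR) and the host inventory are assumptions constructed for illustration.

```python
"""Flag Firefox installs that are below the builds fixing CVE-2025-2857.

Added example, not Mozilla's code. Fixed versions come from the advisory
quoted in the article; the branch mapping and the inventory are constructed
assumptions for illustration only.
"""
import re

# Fixed builds per branch, as stated in the Mozilla advisory.
FIXED_VERSIONS = {
    "esr115": (115, 21, 1),
    "esr128": (128, 8, 1),
    "release": (136, 0, 4),
}

# major.minor[.patch] with an optional suffix such as "esr" or "b3".
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)(?:\.(\d+))?(?:[a-z]\w*)?$")


def parse_version(text):
    """Turn '128.8.1esr' or '136.0.4' into (major, minor, patch); reject junk."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised Firefox version: {text!r}")
    major, minor, patch = m.groups()
    return (int(major), int(minor), int(patch or 0))


def branch_for(version):
    """Assumed mapping: 115.x and 128.x builds are ESR, everything else release."""
    major = version[0]
    if major == 115:
        return "esr115"
    if major == 128:
        return "esr128"
    return "release"


def is_patched_cve_2025_2857(text):
    """True if the build is at or above the fixed build for its branch.

    Release builds older than 136 compare below (136, 0, 4) and are
    correctly reported as unpatched; builds newer than the fix are patched.
    """
    version = parse_version(text)
    return version >= FIXED_VERSIONS[branch_for(version)]


# Constructed sample inventory (hostname, reported Firefox version); not real hosts.
SAMPLE_INVENTORY = [
    ("ws-01", "136.0.3"),
    ("ws-02", "136.0.4"),
    ("srv-03", "128.8.0esr"),
    ("srv-04", "128.8.1esr"),
    ("lab-05", "115.21.1esr"),
    ("lab-06", "137.0"),
]


def hosts_needing_update(inventory):
    """Return hostnames whose Firefox build is below the fix for its branch."""
    return [host for host, ver in inventory if not is_patched_cve_2025_2857(ver)]


if __name__ == "__main__":
    for host in hosts_needing_update(SAMPLE_INVENTORY):
        print(f"{host}: update required for CVE-2025-2857")
```

The check is deliberately branch-aware: an ESR 128.8.0 install is unpatched even though 128 is below 136, because its fix is 128.8.1, not 136.0.4. The same pattern applies to the Chrome fix (134.0.6998.177/.178), but Chrome uses four-component version strings, so that check would need its own parser.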

