Mozilla has released Firefox version 131.0.2 to patch a critical vulnerability that has been exploited in the wild. The flaw, discovered by ESET researcher Damien Schaeffer, involves a “use-after-free” memory issue in Animation timelines, allowing attackers to execute malicious code.
Mozilla confirmed reports of active exploitation affecting both the standard Firefox and Firefox Extended Support Release (ESR) versions.
Use-after-free vulnerabilities occur when software fails to clear memory pointers, creating opportunities for code injection attacks. In this case, attackers could use the flaw to compromise devices, potentially leading to the execution of harmful code.
Firefox users are urged to update to version 131.0.2 immediately to protect against potential risks. This update addresses a serious security threat while Mozilla continues to improve browser features.