Mozilla released security updates to address vulnerabilities in Firefox and Firefox ESR, where an attacker could take control of an affected system.
The Firefox 66 web browser and Firefox ESR 60.6 released for all supported platforms.
Firefox 66 and ESR 60.6 patched critical vulnerabilities among others.
In addition, there was a type inference system allowed the compilation of functions that can cause type confusions between arbitrary objects when compiled through the IonMonkey just-in-time (JIT) compiler and when the constructor function is entered through on-stack replacement (OSR). This allowed for possible arbitrary reading and writing of objects during an exploitable crash.
In addition, there were critical memory safety bugs fixed.