Awoogah! Awoogah! Firefox fans urged to update and patch zero-day hole exploited in the wild by miscreants
https://www.theregister.co.uk/2019/06/18/firefox_zero_day_patch/
Mozilla has released an emergency critical update for Firefox to squash a zero-day vulnerability that is under active attack.
The Firefox 67.0.3 and ESR 60.7.1 builds include a patch for CVE-2019-11707. The vulnerability is a type confusion bug in the way Firefox handles JavaScript objects in Array.pop. By manipulating the object in the array, malicious JavaScript on a webpage could get the ability to remotely execute code without any user interaction.