Last week we talked about a major exploit discovered in the Chromium-based Arc browser, and all the smart people in the comments were like, "thank God I use Firefox." Unfortunately, the turns have tabled, and now another 9.8 critical vulnerability has crashed into a second browser, this time Firefox, and this time it's been actively exploited in the wild. Now, before you go in the comments and say "thank God I use Tor," it even affects everybody out there doing totally not illegal stuff on the Tor browser, which itself is Firefox-based. This time, though, it wasn't a silly mistake involving a misconfigured Firebase security rule, but rather a use-after-free flaw in their implementation of the CSS animation-timeline property. They left a pointer dangling, which is far more difficult to detect and audit, and in this case could be used by bad guys to take full control of your browser with remote code execution. If you're running one of these Firefox versions, you're probably already dead, but if not, you'll want to update immediately. In today's video you'll learn all about the interesting and terrifying world of use-after-free exploits. It is October 15th, 2024, and you're watching The Code Report.

Before we get started, though, I have some other bad news for internet browser users, specifically those on Chrome using uBlock Origin or any other ad blocker, for that matter. We all knew this day was coming, but shots were fired yesterday when this ominous message appeared on the plugin's install page, warning users that uBlock's execution date is drawing near. Now, this is all part of a grand conspiracy to get you to watch ads and be happy, and Google is achieving that by updating the manifest for plugins from version 2 to version 3, which eliminates the webRequest API, where plugins can see all the incoming network requests so they can block all the garbage from known ad servers. I made a video on this a while ago if you want all the details.

But now let's get back to Firefox. Slovakian company ESET has been credited with discovering and reporting the vulnerability, where an attacker is able to achieve code execution by exploiting a use-after-free flaw in the CSS animation timeline. I use the animation timeline all the time to create scroll animations on websites that nobody asked for, and never would have expected it to be an attack vector. But to understand why this is so bad, we need to understand what use-after-free actually means. Exploits like this have affected all the other browsers, including Chrome and Safari, and use-after-free was even responsible for the iOS jailbreak of 2019. The Firefox browser is free and open source, but you won't find it on GitHub: its code is actually self-hosted and uses Mercurial for version control. It's primarily written in C++, although more and more of its code is now being written in Rust, a language that was created by a software engineer at Mozilla. Firefox itself contains over 30 million lines of code, because building a browser is extremely complex.

At a high level, here's how a use-after-free flaw could be introduced in C code. Let's imagine we need to allocate some memory for a value. To achieve that, we create a pointer and then use malloc to allocate memory for it. From there we can assign a value to it and use it in our program to do something useful, like, in the case of Firefox, render an animation. At some later point, when we no longer need that memory, we'll want to deallocate it with free. But now we have a problem called a dangling pointer: the memory is freed, but the pointer itself still exists and is now being used in our code with undefined behavior. If an attacker can figure out how to get some malicious code into that memory, it can cause the program to crash or, even worse, remote code execution. Now, this could be easily fixed by setting the pointer to NULL or a different object, but in the case of Firefox the issue is likely a lot more complex and above my pay grade. It's still being analyzed, so there's not a ton of detail, but Mozilla stated that they have had reports of the vulnerability being exploited in the wild. The good news, though, is that it's completely fixed, and it doesn't appear anything catastrophic has happened. In addition, if you're using the anonymous Tor browser, an attacker could take control of your browser but probably not totally de-anonymize you, assuming you're on Tails OS, which recently merged with the Tor browser as one project.
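The allocate, use, free, use-again sequence described above, written out as an added C example that is not from the video or from Firefox's code base; the Animation struct, the function names and the sample values are constructed for illustration. It shows the free-and-NULL fix the narration mentions, with a NULL check at the use site, and notes the caveat that clearing one pointer does not clear other copies of it.

```c
#include <stdio.h>
#include <stdlib.h>

/* Toy stand-in for a per-animation object (constructed for this example,
 * not Firefox's real data structure). */
typedef struct {
    int id;
    double progress;   /* 0.0 .. 1.0 */
} Animation;

/* Free the object AND clear the caller's pointer in one step, so the
 * caller cannot keep dereferencing the stale address by accident. */
static void animation_release(Animation **slot) {
    free(*slot);
    *slot = NULL;
}

/* Use sites check for NULL instead of trusting the pointer.
 * Returns 0 on success, -1 if the animation has already been released. */
static int animation_render(const Animation *a, double *out_progress) {
    if (a == NULL) {
        return -1;     /* caught here instead of reading freed memory */
    }
    *out_progress = a->progress;
    return 0;
}

/* Walks the allocate -> use -> free -> use-again sequence from the video.
 * Returns the result of the final use (-1 expected), or -2/-3 on setup failure. */
int demo_lifecycle(void) {
    Animation *anim = malloc(sizeof *anim);
    if (anim == NULL) return -2;
    anim->id = 1;
    anim->progress = 0.5;
    double p = 0.0;
    if (animation_render(anim, &p) != 0) return -3;   /* valid use */
    animation_release(&anim);   /* memory freed and pointer cleared */
    /* Without the helper, anim would still hold the old address and this
     * call would read freed memory (undefined behaviour). Caveat: the helper
     * only clears THIS copy of the pointer; any other copy stored elsewhere
     * would still dangle, which is why real cases are much harder to fix. */
    return animation_render(anim, &p);
}

int main(void) {
    printf("render after release -> %d\n", demo_lifecycle());
    return 0;
}
```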
Now, another browser that was affected by all this is Zen, which is an awesome open source project based on Firefox. They quickly updated to the fixed version, but it just goes to show how one little flaw can affect a lot of downstream projects. But if your goal is to write robust, bulletproof code, you'll need to start with computer science fundamentals, and you can start doing that today for free thanks to this video's sponsor, Brilliant. Their quick, rewarding, interactive lessons will help you build a foundation for problem solving that every software engineer needs to have. Brilliant is where you learn by doing, with thousands of interactive lessons in math, data analysis, programming, and AI. When you make their Python course a habit with just a few minutes of effort each day, you'll quickly develop the skills needed to build world-changing software, and you can do it anywhere, even from your phone. To try everything Brilliant has to offer for free for 30 days, visit brilliant.org/fireship or scan this QR code for 20% off their premium annual subscription. This has been The Code Report. Thanks for watching, and I will see you in the next one.