Since There Aren’t Enough Infections Right Now, Apparently
Sadly the bad actors out there distributing malware, viruses and other unsavoury programs are not taking a break during the current pandemic, if anything they have increased their efforts. In this case it is the world’s third most popular web browser which is being targeted currently but there is also good news in the form of a patch you should be checking for as soon as possible.
In this case the vulnerability being exploited is a use-after-free() error, which a website configured to take advantage of the exploit would be able to access a block of allocated memory after it has been freed and theoretically code could then be added which your machine would then run. At that point the attacker would have at least some control over your machine, depending on what payload was injected into your memory. The Register delves deeper into what this could be used for.
Check your Firefox and hit that update button if you are not on 74.0.1 or and 68.6.1 if you use Firefox Extended Support Release.
"An attacker could exploit these vulnerabilities to take control of an affected system," US CISA said, without providing any specific details about the two bugs. "These vulnerabilities have been detected in exploits in the wild."