Carnegie Mellon University School of Computer Science
June 19, 2019

Urgent security patch released for Firefox

Mozilla has updated the Firefox web browser to address an actively-exploited security vulnerability. Firefox users should update to version 67.0.3 or later immediately.

This event has expired. Its previous status was Ongoing.

Mozilla has released an update to version 67.0.3 of the Firefox browser to address a severe security vulnerability that could allow attackers to execute arbitrary code on computers running vulnerable versions.  Mozilla indicated in their security advisory that they are aware of targeted attacks in the wild abusing this flaw.

If you have the Firefox browser on your computer, you should update to the latest version immediately to protect yourself from this vulnerability:

Windows and macOS

Firefox will generally install updates automatically when the application is quit and re-launched, but you can verify whether you are on version 67.0.3 or higher by checking the "About Firefox" window.  On Windows and macOS you can also manually download the latest version of Firefox to install it yourself, if preferred.


Ubuntu Linux computers that are enrolled in Software Support through SCS Computing Facilities will update automatically overnight as long as they are not powered off.  You can also manually update using the vendor-provided packages by running apt-get update followed by apt-get upgrade firefox.


If you have any questions about this alert, please contact the SCS Help Desk at, by calling 412-268-4231, or by visiting GHC 4201.