Mozilla Firefox and Firefox ESR are prone to a security-bypass vulnerability. An attacker may leverage this issue to bypass certain security restrictions and perform unauthorized actions. This issue is fixed in: Firefox 67.0. Firefox ESR 60.7.2
Run all software as a nonprivileged user with minimal access rights.
Run all non-administrative software as a non-administrative user with the least amount of privileges required to successfully operate. This will greatly reduce the potential damage that successful exploitation may achieve.
Deploy network intrusion detection systems to monitor network traffic for malicious activity.
Deploy NIDS to monitor network traffic for signs of anomalous or suspicious activity. This includes but is not limited to unexplained incoming and outgoing traffic. This may indicate exploit attempts or activity that results from successful exploits.
Do not follow links provided by unknown or untrusted sources.
Never follow links provided by unknown or untrusted sources.
Updates are available. Please see the references or vendor advisory for more information.