Security update Mozilla VPN 2.71 available
Mozilla's VPN client could download malicious code.
David FischerThere is an important security update for Mozilla VPN. After successful attacks, attackers could take over systems.
If you surf the Internet with Mozilla's VPN client, you should update the application for security reasons. Otherwise, attackers could push malicious code onto computers and execute them.
According to a warning issued by Mozilla, the developers classify the vulnerability (CVE-2022-0517) as high.
Due to an error, the client could load a malicious OpenSSL configuration file from an unsecured directory. It should then be possible to run malicious code with system rights. This usually leads to the complete compromise of a system.
About Author
David Fischer
I am a technology writer for UpdateStar, covering software, security, and privacy as well as research and innovation in information security. I worked as an editor for German computer magazines for more than a decade before starting to be a team member at UpdateStar.