Firefox 115.0.2 fixes a security issue and several crashes

Mozilla has released the second Firefox 115 point release today. Firefox 115.0.2 and Firefox 115.0.2 ESR address a security issue in the web browser, several startup crashes and other non-security issues.

Firefox 115.0 and Firefox 115.0.1 were both released last week.

The latest version of Firefox is available via the web browser's automatic updating feature already. Selecting Menu > Help > About Firefox displays the current version of the browser. Opening the about page launches an automatic check for updates as well; the new version should be picked up by Firefox then.

Users may also download it directly from the official Mozilla Firefox website if they prefer to do so.

Firefox 115.0.2 and 115.0.2 ESR address a single security issue in the web browser. The security advisories page lists one security issue that addresses a use-after-free vulnerability in workers. The severity rating of the vulnerability is moderate, a fairly low rating. The overall rating of the update, however, is set to high. It is unclear whether this is an error on Mozilla's behalf or if some information has not been added to the security advisories yet.

The official release notes list several crashes, all of which affect Firefox on Windows systems. The first crash affects Firefox on Windows 7 systems only. Mozilla reveals that it is a crash related to the browser's DLL blocklist feature, but does not provide specifics.

Mozilla introduced capabilities recently that allow Firefox users to block third-party DLL injections in the browser.

The second crash fix addresses an issue that "some" Windows users experienced after Firefox blocked "instances of a malicious injected DLL".  The bug report on Bugzilla lists Windows 10 as the affected operating system. Mozilla notes there that the crash is, likely, caused by malware that is installed on the user's device.

The release notes list three additional bugs, all non-security, that Mozilla addressed in Firefox 115.0.2:

• A bug with audio rendering on some sites has been addressed.
• A patternTransform translate bug using the wrong units has been addressed.
• Fixed a caret displaying bug in "some text editors on some websites".

Firefox users may want to install the update as soon as possible to protect the browser against potential attacks targeting the security vulnerability. Those affected by crashes may also want to patch early. Users who may have malware on their devices that has been causing the crash of Firefox need to scan their devices using up-to-date security software.

Windows Defender is installed on Windows 10 devices by default, but there are other options, including Bitdefender Antivirus Free.

Source