Firefox 141 Fixes Critical JavaScript and WebAssembly Bugs

Firefox 141 Fixes Critical JavaScript and WebAssembly Bugs

The Firefox 141 security update is here—and if you’re using Mozilla’s browser, it’s time to patch up. This new release fixes 18 vulnerabilities, some of which could allow attackers to run malicious code on your system.

Mozilla’s latest update addresses both critical and moderate-level issues. Mozilla urges users on 64-bit Windows, Linux, and ARM64 to upgrade immediately.

Critical Flaws in JavaScript Execution

Two of the most dangerous bugs involved how Firefox executes JavaScript, the engine powering most of the web.

The first flaw was found in IonMonkey, Firefox’s JavaScript optimization engine. On 64-bit systems, it could save only part of a calculation’s result. This made it possible for attackers to trigger memory errors and potentially execute code.

The second issue was discovered in Firefox’s handling of WebAssembly. This tech lets websites run high-performance code. But on some mobile devices, the browser could mishandle instructions, opening the door to unpredictable behavior and remote exploits.

Moderate Risks: URLs, Dev Tools, and Sandboxes

Several other flaws were labeled moderate, but still posed real threats:

  • JavaScript URLs in <object> or <embed> tags could execute without warning.
  • A developer tool called “Copy as cURL” allowed user-assisted code execution.
  • Firefox incorrectly truncated long URLs in some cases.
  • Sandbox escape vulnerabilities allowed malicious iframes to sidestep restrictions.
  • A bug involving cookie shadowing could result in privacy issues or privilege confusion.

Attackers could exploit most of the remaining memory safety bugs to crash the browser or run malicious code.

Mozilla Urges Immediate Updates

The Firefox 141 security update is essential for anyone on:

  • 64-bit Windows or Linux
  • ARM64-based devices (like Android phones and Apple M1/M2 chips)

Failing to update could leave users exposed to remote code execution, data theft, or privilege escalation.

Conclusion

The Firefox 141 security update isn’t just another patch—it’s a must-have protection against serious vulnerabilities. With JavaScript and WebAssembly bugs now closed, Mozilla reminds users that delaying updates risks much more than a slower browser. Update now, or risk exploitation later.

Siyana Georgieva

0 responses to “Firefox 141 Fixes Critical JavaScript and WebAssembly Bugs”