If you're using Firefox as your go-to web browser, you might want to update it as soon as possible. Earlier today, Mozilla rushed out version 72.0.1 (and ESR 68.4.1) to fix a vulnerability that is actively being exploited in the wild to take complete control of machines running the vulnerable bits of the popular open source browser.
If you need another reason to be worried about using an unpatched version, the United States Cybersecurity and Infrastructure Security Agency (CISA) has issued a security advisory explaining that there is sufficient evidence that hackers are taking advantage of this zero-day flaw.
In simple terms, it's a memory bug where a program allocates resources as one type but later accesses those resources as a different type. This allows attackers to access data stored in other memory locations that are normally off-limits, and execute code on a vulnerable system through specially crafted web pages.
The flaw has been fixed in Firefox 72.0.1, just 24 hours after version 72 was released with fixes for 11 other vulnerabilities. Last year, two serious zero-day flaws allowed attackers to slip a largely undetected backdoor on Macs used by operators of cryptocurrency exchange Coinbase.