Yesterday Firefox released version 67.0.4 to address two extremely critical updates which allow a hacker to gain access to your Mac if you visit a website that has malicious code. If you think you’re safe because you don’t go to untrustworthy websites, remember that legitimate websites have very little control over the advertisements that get inserted into them.
This exploit, though not widespread, has been used in the wild already to target users of cryptocurrency.
All Firefox users should update to the latest version immediately.
To update, click the Firefox menu and choose “About Firefox”. If the version number is not 67.0.4 it should offer to restart to update. If it doesn’t you may be using an extremely old version of Firefox and you’ll need to manually download and install the latest version. Repeat this process until it says 67.0.4 (or later) as sometimes one update is a prerequisite for another.
Firefox 67 requires at least OS X 10.9 Mavericks or later. If you’re running an older operating system I strongly suggest you update your software or replace the computer. Apple does not release security patches for any software older than macOS 10.12 Sierra, which will run on Mac as old as Late 2009 models.