Mozilla has released an emergency security update for Firefox on Windows to fix a critical vulnerability that could allow attackers to escape browser sandboxes and potentially take control of affected systems. The flaw, found in Firefox’s Inter-Process Communication (IPC) code, is similar to a recent Chrome zero-day (CVE-2025-2783) and affects versions prior to Firefox 136.0.4, ESR 128.8.1, and ESR 115.21.1. While Mozilla has not confirmed active exploitation, users are urged to update immediately via the browser’s update settings to mitigate potential risks.

‍