Mozilla has provided nine security advisories as part of the Firefox 35 update, three of them rated as critical.
Among the critical advisories is MSFA-2015-01, which details memory safety issues in Firefox. There is also a critical security advisory for a read-after-free vulnerability in WebRTC, which is the underlying technology that enables the Firefox Hello communications feature.
The third critical advisory included with the Firefox 35 browser release is a media sandbox escape issue that impacts the Gecko Media Plugin (GMP).
“This bug would allow an attacker to escape or bypass the GMP sandbox if another exploitable bug is found in a GMP media plugin which allowed them to compromise the GMP process,” Mozilla warned in its advisory.