Qihoo 360 ATA researchers first reached out to Mozilla in order to report the vulnerability. Mozilla's advisory states they are "aware of targeted attacks in the wild abusing this flaw." It seems like the vulnerability was exploited in the wild as a zero-day. More details about the exploitation are awaited. Last year, Mozilla patched CVE-2019-11707, another type of confusion vulnerability that was used in conjunction with CVE-2019-11708, a sandbox escape vulnerability in targeted attacks.
To address CVE-2019-17026 vulnerability, Mozilla released Firefox 72.0.1 and Firefox ESR 68.4.1. Since this vulnerability has been exploited in targeted attacks, Firefox users are advised to upgrade as soon as possible.
Last month, Mozilla announced the rollout of Firefox Preview 3.0. The upcoming, brand new version of the Firefox browser for Android is based on a revised rendering engine. It consists of features like improved tracking protections, in addition to an updated workflow menu as well as the ability to move the navigation bar to the top, among other enhancements. It also claims to provide users with better security.
Picture: Official Mozilla website