Attackers were able to confuse the parent process into leaking handles into unpriviled child processes leading to a sandbox escape. The original vulnerability was being exploited in the wild.

This only affects Firefox on Windows. Other operating systems are unaffected.