Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR and Thunderbird. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.

Affected Systems

• Firefox – versions prior to 124

• Firefox ESR – versions prior to 115.9

• Thunderbird – versions prior to 115.9

Security Risks

The vulnerabilities identified in Mozilla Firefox and Firefox ESR pose a significant security risk as they can be exploited by cyber-attacks. These vulnerabilities have the potential to cause memory corruption, execute malicious code, compromise data, gain control of systems, and allow unauthorized access.

Recommended Actions

The National Cyber Security Authority (NCSA) strongly recommends to system administrators to:

• Follow Mozilla's Security Advisories to lower the risk of potential exploits, protect systems, and ensure their security.

• Apply the required and latest security updates as soon as possible.

        The released software version to upgrade to are:

• Mozilla Firefox 124.0

• Mozilla Firefox ESR 115.9.0

• Thunderbird 115.9.0

• Before any update task, please ensure you have a recent backup that can easily be restored.

For further information and support, please contact NCSA by email at rwcsirt@ncsa.gov.rw or call us on 9009.

References

https://www.mozilla.org/en-US/security/advisories/