Mozilla has released security updates to address vulnerabilities in Thunderbird, Firefox for iOS, Firefox ESR, and Firefox. Some of these vulnerabilities could be exploited by a cyber-threat actor to take control of an affected system.

Affected Systems

• Mozilla Thunderbird 115.4.

• Firefox for iOS 119.

• Mozilla Firefox ESR 115.4.

• Mozilla Firefox 119.

Security Risks

The identified vulnerabilities in Mozilla Thunderbird, Firefox for iOS, Firefox, and Firefox ESR pose a security risk, enabling cyber-attacks that can result in memory corruption, code execution, data compromise, system control, and unauthorized access.

Recommended Actions

The National Cyber Security Authority (NCSA) strongly recommends to system administrators to:

• Follow Mozilla's Security Advisories to lower the risk of potential exploits, protect systems, and ensure their security.

• Apply the required and latest security updates as soon as possible.

        The released software version to upgrade to are:

• Mozilla Thunderbird 115.5.  

• Firefox for iOS 120.

• Mozilla Firefox ESR 115.5.0.

• Mozilla Firefox 120.

• Before any update task, please ensure you have a recent backup that can easily be restored.

For further information and support, please contact NCSA by email at rwcsirt@ncsa.gov.rw or call us on 9009.

References

https://www.mozilla.org/en-US/security/advisories/