Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.

Affected Systems

• Mozilla Firefox 118.

• Firefox for iOS < 119.

• Mozilla Firefox ESR 115.3.

• Mozilla Thunderbird 115.3.

Security Risks

The identified vulnerabilities in Mozilla Firefox, Firefox ESR, and Thunderbird pose a security risk, allowing cyber-attacks. They can lead to memory corruption, code execution, data compromise, system control, and unauthorized access.

Recommended Actions

The National Cyber Security Authority (NCSA) strongly recommends to system administrators to:

• Follow Mozilla's Security Advisories to lower the risk of potential exploits, protect systems, and ensure their security.

• Apply the required and latest security updates as soon as possible.

        The released software version to upgrade to are:

• Mozilla Firefox 119.

• Firefox for iOS 119

• Mozilla Firefox ESR 115.4.

• Mozilla Thunderbird 115.4.1.

• Before any update task, please ensure you have a recent backup that can easily be restored.

For further information and support, please contact NCSA by email at rwcsirt@ncsa.gov.rw or call us on 9009.

References

https://www.mozilla.org/en-US/security/advisories/