Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR and Thunderbird. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.

Affected Systems but not limited to:

• Mozilla Firefox 130

• Mozilla Firefox ESR 128.2

• Mozilla Firefox ESR 115.15

• Mozilla Thunderbird 130

• Mozilla Thunderbird 128.2

Security Risks

The identified vulnerabilities in Mozilla Firefox, Firefox ESR and Thunderbird pose a security risk, allowing cyber-attacks. They can lead to memory corruption, code execution, data compromise, system control, and unauthorized access.

Recommended Actions

The National Cyber Security Authority (NCSA) strongly recommends to system administrators to:

• Follow Mozilla's Security Advisories to lower the risk of potential exploits, protect systems, and ensure their security.

• Apply the required and latest security updates as soon as possible.

        The released software version to upgrade to, are but are not limited to:

• Mozilla Firefox 131.0.2.

• Mozilla Firefox ESR 128.3.1.

• Mozilla Firefox ESR 115.16.1

• Mozilla Thunderbird 131

• Mozilla Thunderbird 128.3

• Before any update task, please ensure you have a recent backup that can easily be restored.

For further information and support, please contact NCSA by email at rwcsirt@ncsa.gov.rw or call us on 9009.

References

https://www.mozilla.org/en-US/security/advisories/