Mozilla Releases Security Updates for Firefox and Thunderbird - 20231221002

Overview

Mozilla has released security updates to address vulnerabilities in Firefox and Thunderbird. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.

What is the vulnerability?

For a list of CVE's for:

• Firefox ESR 115.6, please refer to Mozilla Foundation Security Advisory 2023-54
• Thunderbird 115.6, please refer to Mozilla Foundation Security Advisory 2023-55
• Firefox 121, please refer to Mozilla Foundation Security Advisory 2023-56

What is vulnerable?

The vulnerability affects the following products:

• Firefox 121
• Firefox ESR 115.6
• Thunderbird 115.6

What has been observed?

There is no evidence of exploitation affecting Western Australian Government networks at the time of publishing.

Recommendation

The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframe of one month... (refer Patch Management).

Additional References

• Mozilla Releases Security Updates for Firefox and Thunderbird | CISA