Security Alert: Critical Mozilla Firefox vulnerabilities
Date:
2022-03-07 16:21:00
Status:
Closed
Brief Description:
Mozilla has announced two critical security vulnerabilities in Firefox that are being actively exploited. Please update to Firefox 97.0.2 or Firefox Extended Support Release (ESR) 91.6.1 as soon as possible.
Current Status:
N/A
Services Affected:
Certified Desktop
Full Description:
Mozilla has announced two critical security vulnerabilities in Firefox that are being actively exploited. Exploitation of these vulnerabilities may allow an attacker to run arbitrary commands on your computer. Please update to Firefox 97.0.2 or Firefox Extended Support Release (ESR) 91.6.1 as soon as possible.
Certified Desktop customers should have the patch available today, 3/7, with a deadline installation of Tuesday, 3/8 at 4:00 pm, pending availability from the service's patch catalog. Users who do not have a managed computer should check for updates and install them.
Mozilla notes the additional products below are also vulnerable and should also be patched:
* Firefox for Android - update to Firefox 97.3
* Firefox Focus for Android - update to Firefox Focus 97.3
* Mozilla Thunderbird - update to Thunderbird 91.6.2
More information is available here:
https://www.bleepingcomputer.com/news/security/mozilla-firefox-9702-fixes-two-actively-exploited-zero-day-bugs/
https://www.mozilla.org/en-US/security/advisories/mfsa2022-09/
For how to update Firefox on an unmanaged computer, see:
https://support.mozilla.org/en-US/kb/update-firefox-latest-release
Certified Desktop customers should have the patch available today, 3/7, with a deadline installation of Tuesday, 3/8 at 4:00 pm, pending availability from the service's patch catalog. Users who do not have a managed computer should check for updates and install them.
Mozilla notes the additional products below are also vulnerable and should also be patched:
* Firefox for Android - update to Firefox 97.3
* Firefox Focus for Android - update to Firefox Focus 97.3
* Mozilla Thunderbird - update to Thunderbird 91.6.2
More information is available here:
https://www.bleepingcomputer.com/news/security/mozilla-firefox-9702-fixes-two-actively-exploited-zero-day-bugs/
https://www.mozilla.org/en-US/security/advisories/mfsa2022-09/
For how to update Firefox on an unmanaged computer, see:
https://support.mozilla.org/en-US/kb/update-firefox-latest-release
CIT TDX ID: