Security Advisory - Mozilla Firefox and Thunderbird Vulnerabilities

Mozilla has released a Security Advisory which details a number of vulnerabilities in several versions of the Firefox Internet browser and Thunderbird email client. The advisory outlines multiple vulnerabilities in the following products:

• Firefox versions prior to 22.0 • Firefox Extended Support Release (ESR) versions prior to 17.0.7 • Thunderbird versions prior to 17.0.7 • Thunderbird Extended Support Release (ESR) versions prior to 17.0.7

These vulnerabilities could allow remote code execution, cause affected applications to crash, potentially leak sensitive information, and allow privilege escalation or unauthorized access in a number of different contexts.

Full details about the vulnerabilities can be found on Mozilla’s website.

NCSC recommends that administrators, where possible and in accordance with their organisational policies, update Firefox and Thunderbird to the current latest available version 22.0 and 17.0.7 respectively.