Security updates: Firefox and Thunderbird equipped against malware attacks
Attackers can crash the Firefox and Firefox ESR browsers and the Thunderbird mail client, among others.
(Image: heise online)
Anyone surfing with Firefox or Firefox ESR and checking emails with Thunderbird should update the browsers and the mail client promptly for security reasons.
Several software vulnerabilities
If this is not done, attackers can exploit several security vulnerabilities and, in the worst case, compromise systems, according to recent articles in the security section of the Mozilla website. Among other things, malicious code can get onto PCs.
If accessibility options are active, attackers can trigger crashes in an unspecified way (CVE-2024-10459"high"). Malicious code attacks are also conceivable (CVE-2024-10467"medium").
Videos by heise
Security patches
The developers state that they have closed the security vulnerabilities in Firefox 132, Firefox ESR 115.17, Firefox ESR 128.4, Thunderbird 128.4 and Thunderbird 132. It is not clear from the warning messages which operating systems are specifically under threat. It also remains unclear how attacks could take place in detail and whether there are already attacks.
(des)
