Skip to content

Commit b4d5fc9

Browse files
TWangmoDGovEnterpriseadonm
authored
20231124001-Mozilla-Security-Updates-for-Firefox-and-Thunderbird (#419)
* 20231027001-Roundcube Webmail Persistent Cross-Site Scripting (XSS) Vulnerability * 20231031001-VVMware-Tools-Multiple-Vulnerabilities * 20231031001-VMware-Tools-Multiple-Vulnerabilities * 20231106001-Cisco-Security-Advisories-for-Multiple-Products-vulnerability * 20231106001-Cisco-Security-Advisories-for-Multiple-Products-vulnerability * 20231109001-Service-Location-Protocol(SLP)-Denial-of-Service-Vulnerability * 20231114001-SysAid-Server-Path-Traversal-Known-Exploited-vulnerability * Update 20231109001-Service-Location-Protocol(SLP)-Denial-of-Service-Vulnerability.md * Update 20231114001-SysAid-Server-Path-Traversal-Known-Exploited-vulnerability.md * 20231115002-Mware-Security-Update-Cloud-Director-Appliance * 20231115002-Mware-Security-Update-Cloud-Director-Appliance * 20231117001-Oracle-Fusion-Middleware-PHP-Remote-File-Inclusion-Vulnerability * 20231117001-Oracle-Fusion-Middleware-PHP-Remote-File-Inclusion-Vulnerability * 20231117001-Oracle-Fusion-Middleware-PHP-Remote-File-Inclusion-Vulnerability * 20231124001-Mozilla-Security-Updates-for-Firefox-and-Thunderbird --------- Co-authored-by: Joshua Hitchen (DGov) <[email protected]> Co-authored-by: Adon Metcalfe <[email protected]>
1 parent f708415 commit b4d5fc9

File tree

1 file changed

+29
-0
lines changed

1 file changed

+29
-0
lines changed

docs/advisories/20231124001-Mozilla-Security-Updates-for-Firefox-and-Thunderbird.md

+29
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,29 @@
1+
# Mozilla Releases Security Updates for Firefox and Thunderbird - 20231124001
2+
3+
## Overview
4+
5+
Mozilla has released security updates to address vulnerabilities in Firefox and Thunderbird. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.
6+
7+
8+
## What is vulnerable?
9+
10+
The vulnerability affects the following products:
11+
12+
- [Firefox iOS 120](https://www.mozilla.org/en-US/security/advisories/mfsa2023-51/)
13+
- [Firefox 120](https://www.mozilla.org/en-US/security/advisories/mfsa2023-49/)
14+
- [Firefox ESR 115.5](https://www.mozilla.org/en-US/security/advisories/mfsa2023-50/)
15+
- [Thunderbird 115.5.0](https://www.mozilla.org/en-US/security/advisories/mfsa2023-52/)
16+
17+
## What has been observed?
18+
19+
There is no evidence of exploitation affecting Western Australian Government networks at the time of publishing.
20+
21+
## Recommendation
22+
23+
The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframe of *one month* (refer [Patch Management](../guidelines/patch-management.md)):
24+
25+
- [Mozilla Security Advisory](https://www.mozilla.org/en-US/security/advisories/)
26+
27+
## Additional References
28+
29+
- [CISA](https://www.cisa.gov/news-events/alerts/2023/11/22/mozilla-releases-security-updates-firefox-and-thunderbird)

0 commit comments

Comments
 (0)