Mozilla Foundation developers patched multiple vulnerabilities in updated versions of Firefox, Firefox ESR, and Thunderbird. The US cyber security agency CISA warns that attackers could abuse some of these vulnerabilities to take over affected systems.
None of the vulnerabilities in Firefox or Thunderbird are critical
In version 101 of the Firefox web browser, the programmers have closed eight security gaps that they classify as high risk. Four of the closed gaps therefore represented a medium and one a low risk.
In the long-term support version, Firefox ESR 91.10, the developers patch seven high-risk and one medium-risk leaks. Thunderbird 91.10, on the other hand, provides fixes for eight high-risk and one medium-risk vulnerabilities.
The software developers do not classify any of the security gaps as critical. But at the latest the warning from the US authority CISA, which speaks of a possible takeover of systems by malicious actors, should make the urgency of the update clear.
Install updates quickly
Both Firefox and Thunderbird have an automatic update mechanism for this. However, depending on the usage profile, it can take hours to days to find and set up the update. Users are therefore advised to check the installed version – this may also prompt the download and installation of the available update.
To do this, users must open the application menu by clicking on the symbol with the three horizontal stripes. Under “Help” you will find the item “About Firefox”. Here the browser shows the currently installed version; if an update is available and installed, a browser restart may be required. To activate the new version, the should be executed immediately.
In Thunderbird, the last menu item is called “About Thunderbird”. Linux users can usually not use an integrated updater, but have to wait for updated packages from their distribution. You should therefore start the package manager and look for updates there and have them installed.
To home page
#Patched #vulnerabilities #Firefox #Thunderbird