Mozilla Firefox Users Beware: Indian watchdog, the Computer Emergency Response Team (CERT-In), has issued a security advisory for the popular web browser, Mozilla Firefox. The warning calls for immediate action, as CERT-In has flagged major vulnerabilities in the browser and related software. These vulnerabilities make the browser prone to cyber-attacks, allowing cybercriminals to remotely exploit systems. The issues identified also affect its Extended Support Release (ESR) and Thunderbird email client. 

COMMERCIAL BREAK
SCROLL TO CONTINUE READING

Designated as advisory CIVN-2024-0317, the security note outlines vulnerabilities found in various Mozilla products. Particularly, the Mozilla Firefox versions prior to 131, Thunderbird versions earlier than 128.3 and 131, and Firefox ESR versions before 128.3 and 115.16 have been categorized as ‘high risk’. 

One of the major concerns is that hackers can bypass security features and compromise content processes. This implies that malicious websites can breach the standard security standards, putting users at greater risk. Additionally, cross-origin vulnerabilities may allow harmful sites to bypass security restrictions, jeopardising users’ security. 

In recent times, attackers have found ways to mislead users by disguising malicious downloads with deceptive filenames. Therefore, it becomes tricky to distinguish between safe and harmful sites. Clickjacking is another method hackers use to trick users into interacting with harmful interfaces with malicious motives. Specially crafted WebTransport requests can breach the security by triggering denial-of-service (DoS) attacks. 

As the serious threats look, CERT-In has advised users to update their software immediately. Follow these steps to ensure safety of your device if you are running the latest Firefox or Thunderbird versions: 

- Open the menu in Thunderbird or Mozilla Firefox.

- Go to the ‘Help’ section.

- Navigate to ‘About Firefox’ or ‘About Thunderbird’.

- A pop-up will prompt if an update is available.

- Check for any updates and allow them to install.

- After the software is updated, you see a green checkmark, which indicates that your software is updated.