Anyone who surfs with Firefox or Firefox ESR and retrieves emails with Thunderbird should update their browsers and email clients promptly for security reasons. Attackers can cause the Firefox and Firefox ESR browsers and the Thunderbird email client to crash, among other things.

Several software vulnerabilities

If this is not done, according to recent posts in the security section of the Mozilla website, attackers can exploit several security vulnerabilities and, in the worst case, compromise systems. This can include malicious code getting onto PCs.

If accessibility options are active, attackers can trigger crashes in an unspecified way (CVE-2024-10459 high). Malicious code attacks are also conceivable (CVE-2024-10467 medium).

Security patches

The developers say they have fixed the security vulnerabilities in Firefox 132, Firefox ESR 115.17, Firefox ESR 128.4, Thunderbird 128.4 and Thunderbird 132. The warnings do not indicate which operating systems are specifically at risk. It also remains unclear how attacks might proceed in detail and whether attacks have already taken place.