Hello everyone,
Mozilla has fixed a critical security vulnerability in Firefox 85.0.1 and Firefox ESR 78.7.1. This vulnerability is due to the Buffer overflow in depth pitch calculations for compressed textures in the Angle Graphics Library. It affects only the Windows Operating system and hasn't been assigned a CVE ID yet.
Microsoft has also released an update to address CVE-2021-21148: Heap buffer overflow in V8, in Edge (Chromium based). This vulnerability is reportedly exploited in the wild.
To patch these vulnerabilities using Patch Manager Plus, initiate a sync between the Central Patch Repository and the Patch Manager Plus server. Once synced, search for the Patch IDs or Bulletin IDs relevant to the updates you want installed and deploy them to your target systems.
Software
| Patch ID
| Bulletin ID
| Patch Description
|
Firefox
| 318257
| TU-027
| Mozilla Firefox (85.0.1)
|
Firefox
| 318258
| TU-027
| Mozilla Firefox (x64) (85.0.1)
|
Firefox ESR
| 318259
| TU-054
| Mozilla Firefox ESR (78.7.1)
|
Firefox ESR
| 318260
| TU-054
| Mozilla Firefox ESR (x64) (78.7.1)
|
Edge for Chromium
| 318255
| TU-1035
| Microsoft Edge for chromium business (88.0.705.63)
|
Edge for Chromium
| 318256
| TU-1035
| Microsoft Edge for chromium business (x64) (88.0.705.63)
|
Cheers,
The ManageEngine team