Mozilla releases security updates for Firefox 86, Thunderbird 78.8, Firefox ESR 78.8

Mozilla releases security updates for Firefox 86, Thunderbird 78.8, Firefox ESR 78.8

Hello everyone,

Mozilla has fixed several security vulnerabilities in  Firefox 86, Thunderbird 78.8, Firefox ESR 78.8. The details of the vulnerabilities fixed are as follows:

 Platform
 CVE ID
 Vulnerability
 Impact
 Firefox 86,   Thunderbird 78.8,   Firefox ESR 78.8
 CVE-2021-23968
 Content Security Policy violation report could have contained the destination of a redirect
 High
 Firefox 86,   Thunderbird 78.8,   Firefox ESR 78.8
 CVE-2021-23969
 Content Security Policy violation report could have contained the destination of a redirect
 High
 Firefox 86
 CVE-2021-23970
 Multithreaded WASM triggered assertions validating separation of script domains
 High
 Firefox 86
 CVE-2021-23971 
 A website's Referrer-Policy could have been be overridden, potentially resulting in the full URL being sent as a Referrer
 Moderate
 Firefox 86
 CVE-2021-23972
 HTTP Auth phishing warning was omitted when a redirect is cached
 Low
 Firefox 86,   Thunderbird 78.8,   Firefox ESR 78.8
 CVE-2021-23973
 MediaError message property could have leaked information about cross-origin resources
 Low
 Firefox 86
 CVE-2021-23974
 noscript elements could have led to an HTML Sanitizer bypass
 Moderate
 Firefox 86
 CVE-2021-23975
 about:memory Measure function caused an incorrect pointer operation
 Low
 Firefox 86
 CVE-2021-23976
 Local spoofing of web manifests for arbitrary pages in Firefox for Android
 Moderate
 Firefox 86
 CVE-2021-23977 
 Malicious application could read sensitive data from Firefox for Android's application directories
 Moderate
 Firefox 86,   Thunderbird 78.8,   Firefox ESR 78.8
 CVE-2021-23978
 Memory safety bugs
 High
 Firefox 86
 CVE-2021-23979
 Memory safety bugs fixed in Firefox 86
 High

To patch these vulnerabilities, initiate a sync between the Central Patch Repository and the Desktop Central server. Once synced, search for the following Patch IDs or Bulletin IDs and deploy them to your target systems.

 Patch ID
 Bulletin ID
 Patch Description
 318501
 TU-027
 Mozilla Firefox (86.0)
 318502
 TU-027
 Mozilla Firefox (x64) (86.0)
 318512
 TU-028
 Mozilla Thunderbird (78.8.0)
 318513
 TU-028
 Mozilla Thunderbird (x64) (78.8.0)
 318503
 TU-054
 Mozilla Firefox ESR (78.8.0)
 318504
 TU-054
 Mozilla Firefox ESR (x64) (78.8.0)

Cheers,

The ManageEngine Team 


      New to M365 Manager Plus?
      New to M365 Manager Plus?
        New to RecoveryManager Plus?
        New to RecoveryManager Plus?
          New to Exchange Reporter Plus?
          New to Exchange Reporter Plus?
            New to SharePoint Manager Plus?
            New to SharePoint Manager Plus?
              See all integrations
              New to ADManager Plus?
              See all integrations
              New to ADManager Plus?

                New to ADSelfService Plus?

                Start your free trial
                Start your free trial



                          Related Products