Mozilla releases security updates for Firefox 88.01, Firefox ESR 78.10.1, and Thunderbird 78.10.1

Hello everyone,

Mozilla has fixed several security vulnerabilities in Firefox 88.01, Firefox ESR 78.10.1, and Thunderbird 78.10.1. One critical vulnerability in Firefox has been fixed in this release. The details of the vulnerabilities fixed are as follows:

Platform	CVE ID	Vulnerability	Impact
Firefox ESR 78.10.1, Thunderbird 78.10.1	CVE-2021-29951	Mozilla Maintenance Service could have been started or stopped by domain users	Moderate
Firefox 88.01	CVE-2021-29952	Race condition in Web Render Components	High
Firefox 88.01	CVE-2021-29953	Universal Cross-Site Scripting	Critical

To patch these vulnerabilities, initiate a sync between the Central Patch Repository and the Vulnerability Manager Plus server. Once synced, search for the following Patch IDs or Bulletin IDs and deploy them to your target systems.

Patch ID	Bulletin ID	Patch Description
319434	TU-054	Mozilla Firefox ESR (78.10.1)
319435	TU-054	Mozilla Firefox ESR (x64) (78.10.1)
319444	TU-028	Mozilla Thunderbird (78.10.1)
319445	TU-028	Mozilla Thunderbird (x64) (78.10.1)
319454	TU-027	Mozilla Firefox (88.0.1)
319455	TU-027	Mozilla Firefox (x64) (88.0.1)