Mozilla releases security updates for Firefox 89 and Firefox ESR 78.11

Mozilla releases security updates for Firefox 89 and Firefox ESR 78.11

Hello everyone,

Mozilla has fixed several security vulnerabilities in  Firefox 89 and Firefox ESR 78.11. The details of the vulnerabilities fixed are as follows:

 Platform CVE ID Vulnerability Impact
 Firefox 89 CVE-2021-29959 Devices could be re-enabled without additional permission prompt Low
 Firefox 89 CVE-2021-29960 Filenames printed from private browsing mode incorrectly retained in preferences Moderate
 Firefox 89 CVE-2021-29961 Firefox UI spoof using `<select>` elements and CSS scaling Moderate
 Firefox 89 CVE-2021-29962  No rate-limiting for popups on Firefox for Android Low
 Firefox 89 CVE-2021-29963 Shared cookies for search suggestions in private browsing mode Moderate
 Firefox 89, Firefox ESR 78.11 CVE-2021-29964 Out of bounds-read when parsing a `WM_COPYDATA` message Moderate
 Firefox 89 CVE-2021-29965 Password Manager on Firefox for Android susceptible to domain spoofing High
 Firefox 89 CVE-2021-29966 Memory safety bugs fixed in Firefox 89 Moderate
 Firefox 89, Firefox ESR 78.11  CVE-2021-29967 Memory safety bugs fixed in Firefox 89 and Firefox ESR 78.11 High

To patch these vulnerabilities, initiate a sync between the Central Patch Repository and the Patch Manager Plus server. Once synced, search for the following Patch IDs or Bulletin IDs and deploy them to your target systems.

 Patch ID Bulletin ID Patch Description
 319855 TU-027 Mozilla Firefox (89.0)
 319856 TU-027 Mozilla Firefox (x64) (89.0)
 319857 TU-054 Mozilla Firefox ESR (78.11.0)
 319858 TU-054 Mozilla Firefox ESR (x64) (78.11.0)


The ManageEngine Team