Mozilla releases security updates for Firefox 93, Firefox ESR 78.15, and Firefox ESR 91.2
Hello everyone,
Mozilla has fixed several high severity security vulnerabilities in Firefox 93, Firefox ESR 78.15, and Firefox ESR 91.2. The details of the vulnerabilities fixed are as follows:| Platform | CVE ID | Vulnerability | Impact |
| Firefox ESR 91.2, Firefox 93, Firefox ESR 78.15 | CVE-2021-38496 | Use-after-free in MessageTask | High |
| Firefox ESR 91.2, Firefox 93 | CVE-2021-38497 | Validation message could have been overlaid on another origin | Moderate |
| Firefox ESR 91.2, Firefox 93 | CVE-2021-38498 | Use-after-free of nsLanguageAtomService object | Moderate |
| Firefox 93 | CVE-2021-38499 | Memory safety bugs fixed in Firefox 93 | High |
| Firefox ESR 91.2, Firefox 93, Firefox ESR 78.15 | CVE-2021-38500 | Memory safety bugs fixed in Firefox 93, Firefox ESR 78.15, and Firefox ESR 91.2 | High |
| Firefox ESR 91.2, Firefox 93 | CVE-2021-38501 | Memory safety bugs fixed in Firefox 93 and Firefox ESR 91.2 | High |
| Firefox ESR 91.2, Firefox 93 | CVE-2021-32810 | Data race in crossbeam-deque | Moderate |
To patch these vulnerabilities in Windows, initiate a sync between the Central Patch Repository and the Vulnerability Manager Plus server. Once synced, search for the following Patch IDs or Bulletin IDs and deploy them to your target systems.
| Patch ID | Bulletin ID | Patch Description |
| 321750 | TU-054 | Mozilla Firefox ESR (78.15.0) |
| 321751 | TU-054 | Mozilla Firefox ESR (91) (91.2.0) |
| 321752 | TU-054 | Mozilla Firefox ESR (x64) (78.15.0) |
| 321770 | TU-054 | Mozilla Firefox ESR (91) (x64) (91.2.0) |
| 321748 | TU-027 | Mozilla Firefox (93.0) |
| 321749 | TU-027 | Mozilla Firefox (x64) (93.0) |
Cheers,
The ManageEngine Team