Mozilla releases security updates for Firefox 93, Firefox ESR 78.15, and Firefox ESR 91.2

Mozilla releases security updates for Firefox 93, Firefox ESR 78.15, and Firefox ESR 91.2

Hello everyone,

Mozilla has fixed several high severity security vulnerabilities in Firefox 93, Firefox ESR 78.15, and Firefox ESR 91.2. The details of the vulnerabilities fixed are as follows:

 Platform CVE ID Vulnerability Impact
 Firefox ESR 91.2, Firefox 93, Firefox ESR 78.15 CVE-2021-38496 Use-after-free in MessageTask High
 Firefox ESR 91.2, Firefox 93 CVE-2021-38497 Validation message could have been overlaid on another origin Moderate
 Firefox ESR 91.2, Firefox 93 CVE-2021-38498 Use-after-free of nsLanguageAtomService object Moderate
 Firefox 93 CVE-2021-38499 Memory safety bugs fixed in Firefox 93 High
 Firefox ESR 91.2, Firefox 93, Firefox ESR 78.15 CVE-2021-38500 Memory safety bugs fixed in Firefox 93, Firefox ESR 78.15, and Firefox ESR 91.2 High
 Firefox ESR 91.2, Firefox 93 CVE-2021-38501 Memory safety bugs fixed in Firefox 93 and Firefox ESR 91.2 High
 Firefox ESR 91.2, Firefox 93 CVE-2021-32810 Data race in crossbeam-deque Moderate

To patch these vulnerabilities in Windows, initiate a sync between the Central Patch Repository and the Patch Manager Plus server. Once synced, search for the following Patch IDs or Bulletin IDs and deploy them to your target systems.

 Patch ID Bulletin ID Patch Description
 321750 TU-054 Mozilla Firefox ESR (78.15.0)
 321751 TU-054 Mozilla Firefox ESR (91) (91.2.0)
 321752 TU-054 Mozilla Firefox ESR (x64) (78.15.0)
 321770 TU-054 Mozilla Firefox ESR (91) (x64) (91.2.0)
 321748 TU-027 Mozilla Firefox (93.0)
 321749 TU-027 Mozilla Firefox (x64) (93.0)

Cheers,

The ManageEngine Team