Mozilla Releases Security Updates for Firefox and Thunderbird

["US-CERT" <US-CERT () ncas us-cert gov>]

NCCIC / US-CERT

National Cyber Awareness System:

Mozilla Releases Security Updates for Firefox and Thunderbird [ 
https://www.us-cert.gov/ncas/current-activity/2014/10/15/Mozilla-Releases-Security-Updates-Firefox-and-Thunderbird ] 
10/15/2014 07:51 AM EDT 
Original release date: October 15, 2014

The Mozilla Foundation has released security updates to address multiple vulnerabilities in Firefox and Thunderbird. 
Exploitation of these vulnerabilities may allow an attacker to obtain sensitive information, bypass same-origin policy 
and key pinning, cause an exploitable crash, conduct a man-in-the-middle attack, or execute arbitrary code.

The following updates are available:


  * Firefox 33 
  * Firefox ESR 31.2 
  * Thunderbird 31.2 

Users and administrators are encouraged to review the Security Advisories for Firefox [ 
https://www.mozilla.org/security/known-vulnerabilities/firefox.html ], Firefox ESR [ 
https://www.mozilla.org/security/known-vulnerabilities/firefoxESR.html ] and Thunderbird [ 
https://www.mozilla.org/security/known-vulnerabilities/thunderbird.html ] to determine which updates should be applied 
to mitigate these risks.

 

________________________________________________________________________

This product is provided subject to this Notification [ http://www.us-cert.gov/privacy/notification ] and this Privacy 
& Use [ http://www.us-cert.gov/privacy/ ] policy.

________________________________________________________________________

OTHER RESOURCES: Contact Us [ http://www.us-cert.gov/contact-us/ ] | Security Publications [ 
http://www.us-cert.gov/security-publications ] | Alerts and Tips [ http://www.us-cert.gov/ncas ] | Related Resources [ 
http://www.us-cert.gov/related-resources ] 

STAY CONNECTED: Sign up for email updates [ http://public.govdelivery.com/accounts/USDHSUSCERT/subscriber/new ]