Several critical vulnerabilities have been reported in Mozilla Firefox, Thunderbird, and SeaMonkey applications which allow an attacker to escalate privileges, acquire authentication credentials, install programs, and alter data with full user rights.
Affected versions include:
- Firefox versions prior to 25.0
- Firefox Extended Support Release (ESR) versions prior to 17.0.10
- Thunderbird versions prior to 24.1
- Thunderbird Extended Support Release (ESR) versions prior to 17.0.10
- SeaMonkey versions prior to 2.22
Mozilla recommends the following actions be taken:
- Upgrade vulnerable Mozilla products immediately after appropriate testing.
- Remind users not to visit un-trusted websites or follow links provided by unknown or un-trusted sources.
- Do not open email attachments or click on URLs from unknown or untrusted sources.
- Run all software as a non-privileged user (one without administrative privileges) to diminish the effects of a successful attack.
Read More Here…