it.ucsf.edu

Security Update:Mozilla Released Critical Updates for the Newly Released Firefox and Firefox ESR

Status Type

Security Update

Date and Time

Wednesday, January 27, 2016 - 17:52

Reason

Security Update

Impact

Firefox Users

WHAT HAPPENED?
The Mozilla Foundation released security updates to address multiple critical vulnerabilities in the newly released Firefox and Firefox ESR.

Mozilla classifies a critical vulnerability when no user interaction beyond normal browsing is required to exploit vulnerabilities.

Advanced Users: For a complete description of the security enhancement and affected software refer to Mozilla Foundation Security Advisories:


AFFECTED SYSTEMS:

  • Firefox 44
  • Firefox ESR 38.6


WHAT'S THE PROBLEM?
Exploitation of the vulnerability may allow an attacker to take control of your computer.

In general these flaws cannot be exploited through email in the Thunderbird product because scripting is disabled, but are potentially a risk in browser or browser-like contexts.


HOW DO I PROTECT MY COMPUTER?

Update your software

  1. If you are supported by ITFS or have different IT support, no action on your part is required.
  2. If you do not have IT support or they do not support your computer, Firefox is setup by default to auto update.


RELATED LINKS