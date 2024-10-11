New Delhi: If you use Mozilla Firefox, it's time to take caution. The Indian government has issued a new security warning for Firefox users and have pointed out serious vulnerabilities in the browser. The Indian Computer Emergency Response Team (CERT-In) has flagged these issues which could allow hackers to take control of your device. To protect yourself, it's important to update your browser right away and secure your system from potential attacks.

The advisory, tagged as CIVN-2024-0317 highlights serious security flaws in several Mozilla products. Users of Mozilla Firefox versions before 131, Firefox ESR versions earlier than 128.3 and 115.16, and Thunderbird versions below 128.3 and 131 are particularly vulnerable. These flaws could allow attackers to gain unauthorized access to affected systems if exploited. Users of these versions are urged to update immediately to protect their devices.

Which Software are affected?

Here are the Mozilla products affected by the vulnerabilities:

- Mozilla Firefox: Versions before 131

- Mozilla Firefox ESR: Versions before 128.3 and 115.16

- Mozilla Thunderbird: Versions before 128.3 and 131

If you're using any of these older versions, it's important to update your software to stay protected.

The advisory explains that attackers could take advantage of these vulnerabilities in Mozilla Firefox and Thunderbird using various methods, such as:

The advisory warns that attackers could use various techniques to exploit vulnerabilities in Mozilla Firefox and Thunderbird. One method involves disguising harmful downloads with misleading filenames which makes it difficult for users to tell them apart from safe files. Attackers might also use clickjacking to trick users into interacting with dangerous content.

Moreover, specially crafted WebTransport requests could lead to denial-of-service (DoS) attacks. Most concerning are memory safety bugs that could let attackers execute malicious code, potentially taking full control of affected systems.

Here’s how To protect Your Devices:

To protect your device from these serious vulnerabilities, CERT-In recommends updating your software immediately. Follow these simple steps to check if you're using the latest version of Mozilla Firefox or Thunderbird:

- Open the menu in Mozilla Firefox or Thunderbird.

- Go to the “Help” section.

- Click on “About Firefox” or “About Thunderbird.”

- Check for any available updates. If updates are available, they will start installing automatically.

- If an update is available, a pop-up will prompt you to install it.

- Once the update is complete, a green checkmark will confirm that your software is up to date.//

By following these steps and regularly updating your software, you can greatly lower your risk of cyberattacks. Keeping your browser and email client up to date is a simple yet crucial way to protect your online safety and security.