Mozilla rolled out security updates for Firefox and Thunderbird, addressing a total of 21 vulnerabilities. Firefox 121 fixed 18 issues, including a heap buffer overflow in WebGL (CVE-2023-6856) that could lead to remote code execution. Another concern, CVE-2023-6135, involved rendering NSS NIST curves, potentially susceptible to a side-channel attack. Thunderbird 115.6, launched concurrently, tackled 11 vulnerabilities, including email message spoofing (CVE-2023-50762) and message timestamp spoofing (CVE-2023-50761). These updates aim to fortify security, but Mozilla hasn’t reported any active exploits. More details are available on Mozilla’s security advisories page.
About OODA Analyst
OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.