Mozilla Products March 2024 1st Security Update Advisory

Overview

 

An update has been made available to address a vulnerability in the Mozilla family of products (Firefox ESR, Firefox versions). users of affected products are advised to update to the latest version.

 

Affected Products

 

Prior to Firefox 124.0.1

Prior to Firefox ESR 115.9.1

 

Resolved Vulnerabilities

 

A critical information bypass vulnerability exists in Firefox (CVE-2024-29943) [2]

Highly critical JavaScript execution via event handler vulnerability in Firefox, Firefox ESR (CVE-2024-29944) [1], [2]

 

Vulnerability Patches

 

The following Vulnerability Patches were made available in the 03/22/2024 update. For more information on Vulnerability Patches, please refer to the “Mozilla” Referenced Sites documentation.

Firefox ESR 115.9.1 version

Firefox version 124.0.1

 

Referenced Sites

 

[1] Security Vulnerabilities fixed in Firefox ESR 115.9.1

https://www.mozilla.org/en-US/security/advisories/mfsa2024-16/

[2] Security Vulnerabilities fixed in Firefox 124.0.1

https://www.mozilla.org/en-US/security/advisories/mfsa2024-15/

[3] Update Firefox to the latest release

https://support.mozilla.org/ko/kb/update-firefox-latest-release