Mozilla Releases Security Updates for Firefox and Thunderbird

Original release date: October 15, 2014

The Mozilla Foundation has released security updates to address multiple vulnerabilities in Firefox and Thunderbird. Exploitation of these vulnerabilities may allow an attacker to obtain sensitive information, bypass same-origin policy and key pinning, cause an exploitable crash, conduct a man-in-the-middle attack, or execute arbitrary code.

The following updates are available:

  • Firefox 33
  • Firefox ESR 31.2
  • Thunderbird 31.2

Users and administrators are encouraged to review the Security Advisories for Firefox, Firefox ESR and Thunderbird to determine which updates should be applied to mitigate these risks.


This product is provided subject to this Notification and this Privacy & Use policy.

Reposted from US-CERT. Click here to read the original posting.