There are important security updates for the mail client Thunderbird and the web browser Firefox ESR.
Computers running Firefox ESR and Thunderbird are vulnerable. In current versions, the developers have closed several security gaps. Overall, the threat level is considered to be “high“.
Attackers could, among other things, target a vulnerability (CVE-2022-38472) and use address bar spoofing to trick victims into sending input to the attackers and not to the origin displayed in the address bar. In addition, the developers warn of possible malicious code attacks in an article.
On the other hand are the versions Firefox ESR 91.13, Firefox ESR 102.2, Thunderbird 91.13 and Thunderbird 102.2 armed. Firefox 104 also includes security updates.