A vulnerability has been identified in Mozilla Firefox which could allow for Privilege Escalation. Mozilla Firefox is a web browser used to access the Internet. Firefox ESR is a version of the web browser intended to be deployed in large organizations. Successful exploitation of this vulnerability may result in an attacker being able to read and steal sensitive local files on the victim's computer.
- Mozilla Firefox versions prior to 39.0.3
- Firefox ESR versions prior to 38.1.1
Note: Mac users are not susceptible to the currently available exploit code, however the underlying vulnerability still exists within Mozilla Firefox for Macs and could be exploited by an attacker by creating a different payload.
- After appropriate testing, apply updates provided by Mozilla Firefox to vulnerable systems.
- Run all software as a non-privileged user (one without administrative privileges) to diminish the effects of a successful attack.
- Remind users not to visit un-trusted websites or follow links provided by unknown or un-trusted sources.