These vulnerabilities were addressed in
- Mozilla Firefox versions prior to 133
- Firefox ESR versions prior to 128.5.0
- Thunderbird versions prior to 128.5.0
If you are a datajar.mobi Fully Managed or Hybrid customer, this update has been released via our Auto-Update framework and macOS devices within scope should receive this patch within 30 minutes of coming online.
If your organisation has a Jamf Auto Update subscription and you are deploying Mozilla Firefox or Thunderbird via Jamf Auto Update, we suggest you flush any policies to trigger the update when macOS devices next check-in.
If you have any problems, concerns or questions, please let us know.
More information on these updates can be found here:
https://www.mozilla.org/en-US/security/advisories/
https://www.mozilla.org/en-US/security/advisories/mfsa2024-68/
https://www.mozilla.org/en-US/security/advisories/mfsa2024-67/
https://www.mozilla.org/en-US/security/advisories/mfsa2024-66/
https://www.mozilla.org/en-US/security/advisories/mfsa2024-65/
https://www.mozilla.org/en-US/security/advisories/mfsa2024-64/
https://www.mozilla.org/en-US/security/advisories/mfsa2024-63/