These vulnerabilities were addressed in
- Mozilla Firefox version 108
- Firefox ESR version 102.06
- Thunderbird version 102.06
If you are a datajar.mobi Fully Managed or Hybrid customer, this update has been released via our Auto-Update framework and macOS devices within scope should receive this patch within 30 minutes of coming online.
If you are an Auto-Update for Jamf customer and you are deploying Mozilla Firefox via Auto-Update for Jamf, we suggest you flush any policies to trigger the update when macOS devices next check-in.
If you have any problems, concerns or questions, please let us know.
More information on these updates can be found here:
https://www.mozilla.org/en-US/security/advisories/mfsa2022-51/
https://www.mozilla.org/en-US/security/advisories/mfsa2022-52/
https://www.mozilla.org/en-US/security/advisories/mfsa2022-53/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46871
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46872
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46873
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46874
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46875
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46877
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46880
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46881
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46882
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46878
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46879