The browsers Firefox, Firefox ESR (with extended support) and the Firefox application for Android mobiles. Do you use any or all three tools from the Mozilla company? If the answer is yes, then it is your turn to update them, as they have just received patches to fix a security vulnerability that Mozilla has found and patched.
According to the INCIBE alert, Mozilla has corrected a critical vulnerability that affects the Firefox, Firefox ESR and Firefox for Android web browsers. This vulnerability “could allow a cybercriminal to modify the content of the packets that use the communications protocol SCTP (Stream Control Transmission Protocol)” to execute malicious code on the device from which the browser is used.
Due to its flexibility and properties, the SCTP protocol is used to reproduce the telephony infrastructure in IP networks and for other services, such as offline messaging and for voice transmission systems, such as VoIP (voice over IP). Therefore, Mozilla has released a security update aimed at solving this security flaw. The first thing you should do is check if you have this version in the case of the Mozilla tools you use: •
Firefox ESR 78.6.1,
Firefox for Android 84.1.3
You can check the current version of your Firefox browser by selecting the upper right button menu> help> about Firefox. In the case of Firefox for Android, you must access the Google Play store on your mobile or tablet and select the Menu icon> My apps and games> Updates. If you have the versions above, no problem. But if you are below, you should update now.
By default, all tools update automatically. In case this feature is not enabled, it is recommended to do so. To do this, follow these steps:
– Firefox: menu> options> general> Firefox updates> install updates automatically
– Firefox Android: Google Play Store> Menu> My apps and games> Updates