Mozilla Firefox and Firefox ESR

Mozilla released security updates to address multiple vulnerabilities in Firefox and Firefox ESR. Successful exploitation of these vulnerabilities could allow a remote threat actor to take control of an infected system. In total, 49 vulnerabilities were addressed in these updates; two critical vulnerabilities are listed below. The NJCCIC recommends users and administrators review the Mozilla Security Advisory for Firefox 54 and Firefox ESR 52.2 and apply the necessary updates.

CVE-2017-5472: Use-after-free using destroyed node when regenerating trees (CRITICAL)

CVE-2017-5470: Memory safety bugs fixed in Firefox 54 and Firefox ESR 52.2 (CRITICAL)