Alert GCSA-25100 - Aggiornamento di sicurezza per prodotti Mozilla
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
******************************************************************
Alert ID: GCSA-25100
Data: 22 agosto 2025
Titolo: Aggiornamento di sicurezza per prodotti Mozilla
******************************************************************
:: Descrizione del problema
Mozilla ha rilasciato nuove versioni del browser Firefox, Firefox ESR,
Focus, e dei client di posta Thunderbird e Thunderbird ESR, con le quali
risolve vulnerabilita' multiple, di cui 3 con gravita' "critica" e
7 con gravita' "alta"..
Maggiori informazioni sono disponibili alla sezione "Riferimenti".
:: Software interessato
Firefox versioni precedenti alla 142
Firefox ESR versioni precedenti alla 115.27
Firefox ESR versioni precedenti alla 128.14
Firefox ESR versioni precedenti alla 140.2
Focus per IoS versioni precedenti alla 142
Thunderbird versioni precedenti alla 142
Thunderbird ESR versioni precedenti alla 140.2
Thunderbird ESR versioni precedenti alla 128.14
:: Impatto
Remote Code Execution
Security Restriction Bypass
:: Soluzioni
Aggiornare Firefox all'ultima versione
https://support.mozilla.org/en-US/kb/update-firefox-latest-release
https://www.mozilla.org/it/firefox/new/
https://www.mozilla.org/it/firefox/enterprise/
https://www.mozilla.org/it/firefox/all/#product-desktop-release
Aggiornare Thunderbird all'ultima versione
https://support.mozilla.org/it/kb/aggiornamento-di-thunderbird
https://www.mozilla.org/it/thunderbird/
https://www.thunderbird.net/it/thunderbird/all/
https://www.thunderbird.net/it/thunderbird/releases/
:: Riferimenti
Mozilla Foundation Security Advisory
https://www.mozilla.org/en-US/security/advisories/
https://www.mozilla.org/en-US/security/advisories/mfsa2025-64/
https://www.mozilla.org/en-US/security/advisories/mfsa2025-65/
https://www.mozilla.org/en-US/security/advisories/mfsa2025-66/
https://www.mozilla.org/en-US/security/advisories/mfsa2025-67/
https://www.mozilla.org/en-US/security/advisories/mfsa2025-68/
https://www.mozilla.org/en-US/security/advisories/mfsa2025-69/
https://www.mozilla.org/en-US/security/advisories/mfsa2025-70/
https://www.mozilla.org/en-US/security/advisories/mfsa2025-71/
https://www.mozilla.org/en-US/security/advisories/mfsa2025-72/
CSIRT Italia
https://www.acn.gov.it/portale/w/aggiornamenti-di-sicurezza-per-prodotti-mozilla-11
Mitre CVE
https://www.cve.org/CVERecord/?id=CVE-2025-9187
https://www.cve.org/CVERecord/?id=CVE-2025-9186
https://www.cve.org/CVERecord/?id=CVE-2025-9185
https://www.cve.org/CVERecord/?id=CVE-2025-9184
https://www.cve.org/CVERecord/?id=CVE-2025-9183
https://www.cve.org/CVERecord/?id=CVE-2025-9182
https://www.cve.org/CVERecord/?id=CVE-2025-9181
https://www.cve.org/CVERecord/?id=CVE-2025-9180
https://www.cve.org/CVERecord/?id=CVE-2025-9179
https://www.cve.org/CVERecord/?id=CVE-2025-55033
https://www.cve.org/CVERecord/?id=CVE-2025-55032
https://www.cve.org/CVERecord/?id=CVE-2025-55031
https://www.cve.org/CVERecord/?id=CVE-2025-55030
https://www.cve.org/CVERecord/?id=CVE-2025-55029
https://www.cve.org/CVERecord/?id=CVE-2025-55028
GARR CERT Security Alert - subscribe/unsubscribe:
https://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iF0EAREIAB0WIQTGpdiR5MqstacBGHbBnEyTZRJgQgUCaKhpVQAKCRDBnEyTZRJg
QtKoAJ9n56WGpmtkbFTrks4AjfimJ15YWwCgtSHFMUDjzQJ8oV5uu/k2HyELpWQ=
=rRT+
-----END PGP SIGNATURE-----
Hash: SHA256
******************************************************************
Alert ID: GCSA-25100
Data: 22 agosto 2025
Titolo: Aggiornamento di sicurezza per prodotti Mozilla
******************************************************************
:: Descrizione del problema
Mozilla ha rilasciato nuove versioni del browser Firefox, Firefox ESR,
Focus, e dei client di posta Thunderbird e Thunderbird ESR, con le quali
risolve vulnerabilita' multiple, di cui 3 con gravita' "critica" e
7 con gravita' "alta"..
Maggiori informazioni sono disponibili alla sezione "Riferimenti".
:: Software interessato
Firefox versioni precedenti alla 142
Firefox ESR versioni precedenti alla 115.27
Firefox ESR versioni precedenti alla 128.14
Firefox ESR versioni precedenti alla 140.2
Focus per IoS versioni precedenti alla 142
Thunderbird versioni precedenti alla 142
Thunderbird ESR versioni precedenti alla 140.2
Thunderbird ESR versioni precedenti alla 128.14
:: Impatto
Remote Code Execution
Security Restriction Bypass
:: Soluzioni
Aggiornare Firefox all'ultima versione
https://support.mozilla.org/en-US/kb/update-firefox-latest-release
https://www.mozilla.org/it/firefox/new/
https://www.mozilla.org/it/firefox/enterprise/
https://www.mozilla.org/it/firefox/all/#product-desktop-release
Aggiornare Thunderbird all'ultima versione
https://support.mozilla.org/it/kb/aggiornamento-di-thunderbird
https://www.mozilla.org/it/thunderbird/
https://www.thunderbird.net/it/thunderbird/all/
https://www.thunderbird.net/it/thunderbird/releases/
:: Riferimenti
Mozilla Foundation Security Advisory
https://www.mozilla.org/en-US/security/advisories/
https://www.mozilla.org/en-US/security/advisories/mfsa2025-64/
https://www.mozilla.org/en-US/security/advisories/mfsa2025-65/
https://www.mozilla.org/en-US/security/advisories/mfsa2025-66/
https://www.mozilla.org/en-US/security/advisories/mfsa2025-67/
https://www.mozilla.org/en-US/security/advisories/mfsa2025-68/
https://www.mozilla.org/en-US/security/advisories/mfsa2025-69/
https://www.mozilla.org/en-US/security/advisories/mfsa2025-70/
https://www.mozilla.org/en-US/security/advisories/mfsa2025-71/
https://www.mozilla.org/en-US/security/advisories/mfsa2025-72/
CSIRT Italia
https://www.acn.gov.it/portale/w/aggiornamenti-di-sicurezza-per-prodotti-mozilla-11
Mitre CVE
https://www.cve.org/CVERecord/?id=CVE-2025-9187
https://www.cve.org/CVERecord/?id=CVE-2025-9186
https://www.cve.org/CVERecord/?id=CVE-2025-9185
https://www.cve.org/CVERecord/?id=CVE-2025-9184
https://www.cve.org/CVERecord/?id=CVE-2025-9183
https://www.cve.org/CVERecord/?id=CVE-2025-9182
https://www.cve.org/CVERecord/?id=CVE-2025-9181
https://www.cve.org/CVERecord/?id=CVE-2025-9180
https://www.cve.org/CVERecord/?id=CVE-2025-9179
https://www.cve.org/CVERecord/?id=CVE-2025-55033
https://www.cve.org/CVERecord/?id=CVE-2025-55032
https://www.cve.org/CVERecord/?id=CVE-2025-55031
https://www.cve.org/CVERecord/?id=CVE-2025-55030
https://www.cve.org/CVERecord/?id=CVE-2025-55029
https://www.cve.org/CVERecord/?id=CVE-2025-55028
GARR CERT Security Alert - subscribe/unsubscribe:
https://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iF0EAREIAB0WIQTGpdiR5MqstacBGHbBnEyTZRJgQgUCaKhpVQAKCRDBnEyTZRJg
QtKoAJ9n56WGpmtkbFTrks4AjfimJ15YWwCgtSHFMUDjzQJ8oV5uu/k2HyELpWQ=
=rRT+
-----END PGP SIGNATURE-----