Mozilla Firefox Vulnerabilities Show Need for Vigilance

Mozilla Firefox Vulnerabilities

High Profile Alerts Concerning Mozilla Firefox Vulnerabilities

On January 8, 2020 the United States Department of Homeland Defense’s Cybersecurity and Infrastructure Security Agency (CISA) issued an alert concerning Mozilla Firefox vulnerabilities.  These vulnerabilities could allow external control of Mac and Windows computer operating systems by cyberattackers.  Mobile devices are not affected by this problem. 

Mozilla has released versions of Firefox with fixes to these problems.  Versions that contain fixes are:

  • Firefox 72.0.1
  • Firefox ESR 68.4.1

Mozilla Firefox Not Alone

Mozilla Firefox, a favorite browser with privacy minded users since 2004 is not alone with issues however.  Juniper, Interpeak IPnet, and Cisco vulnerabilities were also mentioned this month.  These vulnerabilities illustrate a continuing trend in products and systems that are less secure than required to protect the information systems they serve.  The causes for these continuing problems lay at the heart of the software industry where product complexity and fast paced release cycles outstrip the abilities of product testing to ensure quality.

What Can Be Done?

The core issues concerning the causes of cyber vulnerabilities are probably not going away in the near future.  These vulnerabilities effect data security, the performance capabilities of infrastructure, and the reliability of health and safety centered systems.  These are very real concerns for businesses and addressing these concerns effectively is essential.  

Effective cybersecurity for businesses requires risk management approaches that include tools, policies, security safeguards, guidelines, and training.  Development of an Information Security Management System (ISMS) such as ISO/IEC 27001:2013 is an excellent method that establishes these tools and their implementation into the daily operation of a company.  Because it includes constant improvement as a part of a management review process, it can remain adaptive to the dynamic cyber-threat environment and provide an accredited solution to your company and its customers.

CVG Strategy Can Help

CVG Strategy can help your organization create and implement an effective ISMS.  Our experts are certified Exemplar Global Lead Auditors in ISO/IEC 27001:2013 and understand the varying requirements for businesses of all sizes. 

Kevin Gholston

Share this post