CERT-In Warns Mozilla Firefox Users to Update Browser to Avoid Security Risks

The Indian Computer Emergency Response Team (CERT-In) has issued a new advisory urging all Mozilla Firefox users to update their browsers immediately. The warning comes after Mozilla patched several high-severity vulnerabilities that could let hackers run malicious code or steal user data from outdated browser versions.According to CERT-In’s advisory (CIVN-2025-0273) released on October 18, the affected software includes Mozilla Firefox 144, Firefox ESR 140.4, Thunderbird 144, and their earlier versions. The flaws could expose users to data theft, unauthorised access, and even complete system compromise.

These vulnerabilities are caused by issues like memory corruption, use-after-free bugs, cross-process leaks, API misuse, and improper object handling within the browser. Some security flaws also impact Android versions of Firefox and Thunderbird, increasing the risk of spoofing and misdisplaying sensitive information.CERT-In strongly advises individuals and organisations to install the latest updates to stay safe. Mozilla has already rolled out fixes in recent versions—Firefox 144 (MFSA 2025-81), Firefox ESR 115.29 (MFSA 2025-82), Firefox ESR 140.4 (MFSA 2025-83), Thunderbird 144 (MFSA 2025-84), and Thunderbird 140.4 (MFSA 2025-85).Keeping your Mozilla products updated helps prevent attackers from exploiting these flaws to steal data or control your device. Users can find full details on Mozilla’s official security advisory page.