Jetzt Ausprobieren

Firefox 120 and Firefox ESR 115.5 Audit

Security Software Vulnerability

Audit All Outdated Firefox Installations in Your Network

On the 21st of November, 2023 Mozilla released its new versions of Firefox 120, and Firefox ESR 115.5. These releases contain multiple changes with additional functionality and security fixes. New features, fixes, and changes in Firefox 120, as listed on Mozilla’s release page include the following:

  • A new “Copy Link Without Site Tracking” feature in the context menu which ensures that copied links no longer contain tracking information.
  • A setting (in Preferences -> Privacy & Security) to enable Global Privacy Control. With this opt-in feature, Firefox informs the websites that the user doesn’t want their data to be shared or sold.
  • Firefox’s private windows and ETP-Strict privacy configuration now enhance the Canvas APIs with Fingerprinting Protection, thereby continuing to protect our users’ online privacy.
  • Firefox has enabled Cookie Banner Blocker by default in private windows for all users in Germany. Firefox will now auto-refuse cookies and dismiss annoying cookie banners for supported sites.
  • Firefox has enabled URL Tracking Protection by default in private windows for all users in Germany. Firefox will remove non-essential URL query parameters that websites often use to track users across the web.
  • Firefox now imports TLS trust anchors (e.g., certificates) from the operating system root store. Windows, macOS, and Android will have this enabled by default. If needed, you can turn it off in settings (Preferences -> Privacy & Security -> Certificates).
  • Keyboard shortcuts have now been added for editing and deleting a selected credential on about:logins. For editing – Alt + enter (Option + return on macOS) and for deleting – Alt + Backspace (Option + Delete on macOS).
  • Users on Ubuntu Linux now have the ability to import from Chromium when both are installed as Snap packages.
  • Picture-in-Picture now supports corner snapping on Windows and Linux – just hold Ctrl as you move the PiP window.

As always, the new releases also come with a number of security fixes, 10 in Firefox 120 and 7 in Firefox ESR 115.5. 6 of these issues received a high severity rating, 2 of which are use-after-free issues, 2 memory safety bugs, 1 clickjacking issue, and 1 out-of-bound memory access bug.

You can use the audit report below to find out which machines in your network still need to update their Mozilla Firefox version. It will show you exactly which machines are not running the latest version of Firefox or Firefox ESR yet. Go ahead and start running your Firefox audit.

Run the Mozilla Firefox 120 and Firefox ESR 115.5 Audit Now!

Firefox 120 and Firefox ESR 115.5 Lansweeper On-Prem Query

Select Top 1000000 tblAssets.AssetID,
tblAssets.AssetName,
tblAssets.Domain,
tsysAssetTypes.AssetTypename As AssetType,
tblAssets.Username,
tblAssets.Userdomain,
Coalesce(tsysOS.Image, tsysAssetTypes.AssetTypeIcon10) As icon,
tblAssets.IPAddress,
tblSoftwareUni.softwareName As Software,
tblSoftware.softwareVersion As Version,
tblSoftwareUni.SoftwarePublisher As Publisher,
tsysIPLocations.IPLocation,
tblAssetCustom.Manufacturer,
tblAssetCustom.Model,
Coalesce(tsysOS.OSname, tblSccmAsset.OsCaption,
tblSccmAsset.OperatingSystemNameandVersion) As OS,
tblAssets.Version As OSVersion,
Case
When tblErrors.ErrorText Is Not Null Or
tblErrors.ErrorText != '' Then
'Scanning Error: ' + tsysasseterrortypes.ErrorMsg
Else ''
End As ScanningErrors,
tblAssets.Lastseen,
tblAssets.Lasttried
From tblAssets
Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype
Inner Join tsysIPLocations On tsysIPLocations.LocationID =
tblAssets.LocationID
Inner Join tblState On tblState.State = tblAssetCustom.State
Inner Join tblSoftware On tblAssets.AssetID = tblSoftware.AssetID
Inner Join tblSoftwareUni On tblSoftwareUni.SoftID = tblSoftware.softID
Left Outer Join tsysOS On tsysOS.OScode = tblAssets.OScode
Left Outer Join tblSccmAsset On tblAssets.AssetID = tblSccmAsset.AssetId
Left Join (Select Distinct Top 1000000 tblErrors.AssetID As ID,
Max(tblErrors.Teller) As ErrorID
From tblErrors
Group By tblErrors.AssetID) As ScanningError On tblAssets.AssetID =
ScanningError.ID
Left Join tblErrors On ScanningError.ErrorID = tblErrors.Teller
Left Join tsysasseterrortypes On tsysasseterrortypes.Errortype =
tblErrors.ErrorType
Where tblSoftwareUni.softwareName Like '%firefox%' And
tblSoftwareUni.SoftwarePublisher Like '%mozilla%' And tblState.Statename =
'Active' And ((Len(tblSoftware.softwareVersion) -
Len(Replace(tblSoftware.softwareVersion, '.', '')) = 1 And
tblSoftwareUni.softwareName Like '%firefox%' And
tblSoftwareUni.softwareName Not Like '%esr%' And
Try_Cast(ParseName(tblSoftware.softwareVersion, 2) As bigint) < 120) Or
(Len(tblSoftware.softwareVersion) - Len(Replace(tblSoftware.softwareVersion,
'.', '')) = 1 And tblSoftwareUni.softwareName Like '%firefox%' And
tblSoftwareUni.softwareName Not Like '%esr%' And
Try_Cast(ParseName(tblSoftware.softwareVersion, 2) As bigint) = 120 And
Try_Cast(ParseName(tblSoftware.softwareVersion, 1) As bigint) < 0) Or
(Len(tblSoftware.softwareVersion) - Len(Replace(tblSoftware.softwareVersion,
'.', '')) = 2 And tblSoftwareUni.softwareName Like '%firefox%' And
tblSoftwareUni.softwareName Not Like '%esr%' And
Try_Cast(ParseName(tblSoftware.softwareVersion, 3) As bigint) < 120) Or
(Len(tblSoftware.softwareVersion) - Len(Replace(tblSoftware.softwareVersion,
'.', '')) = 2 And tblSoftwareUni.softwareName Like '%firefox%' And
tblSoftwareUni.softwareName Not Like '%esr%' And
Try_Cast(ParseName(tblSoftware.softwareVersion, 3) As bigint) = 120 And
Try_Cast(ParseName(tblSoftware.softwareVersion, 2) As bigint) < 0) Or
(Len(tblSoftware.softwareVersion) - Len(Replace(tblSoftware.softwareVersion,
'.', '')) = 2 And tblSoftwareUni.softwareName Like '%firefox%' And
tblSoftwareUni.softwareName Not Like '%esr%' And
Try_Cast(ParseName(tblSoftware.softwareVersion, 3) As bigint) = 120 And
Try_Cast(ParseName(tblSoftware.softwareVersion, 2) As bigint) = 0 And
Try_Cast(ParseName(tblSoftware.softwareVersion, 1) As bigint) < 0) Or
(tblSoftwareUni.softwareName Like '%firefox%esr%' And
Try_Cast(ParseName(tblSoftware.softwareVersion, 3) As bigint) < 115) Or
(tblSoftwareUni.softwareName Like '%firefox%esr%' And
Try_Cast(ParseName(tblSoftware.softwareVersion, 3) As bigint) = 115 And
Try_Cast(ParseName(tblSoftware.softwareVersion, 2) As bigint) < 5) Or
(tblSoftwareUni.softwareName Like '%firefox%esr%' And
Try_Cast(ParseName(tblSoftware.softwareVersion, 3) As bigint) = 115 And
Try_Cast(ParseName(tblSoftware.softwareVersion, 2) As bigint) = 5 And
Try_Cast(ParseName(tblSoftware.softwareVersion, 1) As bigint) < 0) Or
(Len(tblSoftware.softwareVersion) - Len(Replace(tblSoftware.softwareVersion,
'.', '')) = 3 And tblSoftwareUni.softwareName Like '%firefox%' And
Try_Cast(ParseName(tblSoftware.softwareVersion, 4) As bigint) < 120) Or
(Len(tblSoftware.softwareVersion) - Len(Replace(tblSoftware.softwareVersion,
'.', '')) = 3 And tblSoftwareUni.softwareName Like '%firefox%' And
tblSoftwareUni.softwareName Not Like '%esr%' And
Try_Cast(ParseName(tblSoftware.softwareVersion, 4) As bigint) = 120 And
Try_Cast(ParseName(tblSoftware.softwareVersion, 3) As bigint) < 0) Or
(Len(tblSoftware.softwareVersion) - Len(Replace(tblSoftware.softwareVersion,
'.', '')) = 3 And tblSoftwareUni.softwareName Like '%firefox%' And
tblSoftwareUni.softwareName Not Like '%esr%' And
Try_Cast(ParseName(tblSoftware.softwareVersion, 4) As bigint) = 120 And
Try_Cast(ParseName(tblSoftware.softwareVersion, 3) As bigint) = 0 And
Try_Cast(ParseName(tblSoftware.softwareVersion, 2) As bigint) < 0))
Union
Select Top 1000000 tblAssets.AssetID,
tblAssets.AssetName,
tblAssets.Domain,
tsysAssetTypes.AssetTypename As AssetType,
tblAssets.Username,
tblAssets.Userdomain,
tsysAssetTypes.AssetTypeIcon10 As icon,
tblAssets.IPAddress,
Case
When subquery1.Software Like '%firefox%' And
(Try_Cast(ParseName(tblMacApplications.Version, 3) As bigint) = 115 And
Try_Cast(ParseName(tblMacApplications.Version, 2) As bigint) < 5) Or
(Try_Cast(ParseName(tblMacApplications.Version, 3) As bigint) < 115) Then
'firefox (Possible ESR)'
Else subquery1.Software
End As Software,
subquery1.Version,
subquery1.Publisher,
tsysIPLocations.IPLocation,
tblAssetCustom.Manufacturer,
tblAssetCustom.Model,
tblMacOSInfo.SystemVersion As OS,
tblAssets.Version As OSVersion,
Case
When tblErrors.ErrorText Is Not Null Or
tblErrors.ErrorText != '' Then
'Scanning Error: ' + tsysasseterrortypes.ErrorMsg
Else ''
End As ScanningErrors,
tblAssets.Lastseen As [Last successful scan],
tblAssets.Lasttried As [Last scan attempt]
From tblAssets
Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype
Inner Join tsysIPLocations On tsysIPLocations.LocationID =
tblAssets.LocationID
Inner Join tblState On tblState.State = tblAssetCustom.State
Left Join (Select tblSoftwareUni.softwareName As Software,
tblSoftwareUni.SoftwarePublisher As Publisher,
tblMacApplications.AssetID,
Case
When tblMacApplications.Version Like '%R%' Then
Left(tblMacApplications.Version, CharIndex('R',
tblMacApplications.Version) - 1)
Else tblMacApplications.Version
End As Version
From tblMacApplications
Inner Join tblSoftwareUni On tblSoftwareUni.SoftID =
tblMacApplications.softid
Where tblSoftwareUni.softwareName Like '%firefox%') As subquery1 On
subquery1.AssetID = tblAssets.AssetID
Inner Join tblMacApplications On
tblAssets.AssetID = tblMacApplications.AssetID
Inner Join tblSoftwareUni On tblSoftwareUni.SoftID = tblMacApplications.softid
Inner Join tblMacOSInfo On tblMacOSInfo.AssetID = tblAssets.AssetID
Left Join (Select Distinct Top 1000000 tblErrors.AssetID As ID,
Max(tblErrors.Teller) As ErrorID
From tblErrors
Group By tblErrors.AssetID) As ScanningError On tblAssets.AssetID =
ScanningError.ID
Left Join tblErrors On ScanningError.ErrorID = tblErrors.Teller
Left Join tsysasseterrortypes On tsysasseterrortypes.Errortype =
tblErrors.ErrorType
Where tblSoftwareUni.softwareName Like '%firefox%' And tblState.Statename =
'Active' And ((Try_Cast(ParseName(subquery1.Version, 3) As bigint) < 120) Or
(Try_Cast(ParseName(subquery1.Version, 3) As bigint) = 120 And
Try_Cast(ParseName(subquery1.Version, 2) As bigint) < 0) Or
(Try_Cast(ParseName(subquery1.Version, 3) As bigint) = 120 And
Try_Cast(ParseName(subquery1.Version, 2) As bigint) = 0 And
Try_Cast(ParseName(subquery1.Version, 1) As bigint) < 0))
Union
Select Top 1000000 tblAssets.AssetID,
tblAssets.AssetName,
tblAssets.Domain,
tsysAssetTypes.AssetTypename As AssetType,
tblLinuxUser.UserName,
tblAssets.Userdomain,
tsysAssetTypes.AssetTypeIcon10 As icon,
tblAssets.IPAddress,
subquery1.Software,
subquery1.Version,
subquery1.Publisher,
tsysIPLocations.IPLocation,
tblAssetCustom.Manufacturer,
tblAssetCustom.Model,
tblLinuxSystem.OSRelease As OS,
tblAssets.Version As OSVersion,
Case
When tblErrors.ErrorText Is Not Null Or
tblErrors.ErrorText != '' Then
'Scanning Error: ' + tsysasseterrortypes.ErrorMsg
Else ''
End As ScanningErrors,
tblAssets.Lastseen As [Last successful scan],
tblAssets.Lasttried As [Last scan attempt]
From tblAssets
Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype
Inner Join tsysIPLocations On tsysIPLocations.LocationID =
tblAssets.LocationID
Inner Join tblState On tblState.State = tblAssetCustom.State
Inner Join tblLinuxSystem On tblAssets.AssetID = tblLinuxSystem.AssetID
Inner Join tblLinuxUser On tblAssets.AssetID = tblLinuxUser.AssetID
Inner Join tblLinuxUserLogon On tblLinuxUserLogon.Id = tblLinuxUser.id
Inner Join (Select tblLinuxUser.AssetId,
Max(tblLinuxUserLogon.LogonTime) As MaxLogontime
From tblLinuxUser
Inner Join tblLinuxUserLogon On tblLinuxUserLogon.Id = tblLinuxUser.id
Group By tblLinuxUser.assetid) As subquery2 On subquery2.MaxLogontime =
tblLinuxUserLogon.LogonTime
Inner Join (Select tblSoftwareUni.softwareName As Software,
tblSoftwareUni.SoftwarePublisher As Publisher,
tblLinuxSoftware.LastChanged,
tblLinuxSoftware.assetid,
Case
When tblLinuxSystem.OSRelease Like '%Ubuntu%' And
tblSoftwareUni.softwareName Not Like '%esr%' And
tblLinuxSoftware.Version Like '%+%' And tblLinuxSoftware.Version Like
'%.%.%[^0-9]%' Then Left(tblLinuxSoftware.Version, CharIndex('+',
tblLinuxSoftware.Version) - 1)
When tblLinuxSystem.OSRelease Like '%Ubuntu%' And
tblSoftwareUni.softwareName Like '%esr%' And
tblLinuxSoftware.Version Like '%+%' And tblLinuxSoftware.Version Like
'%.%.%[^0-9]%' Then Left(tblLinuxSoftware.Version, CharIndex('+',
tblLinuxSoftware.Version) - 4)
When tblLinuxSystem.OSRelease Like '%manjaro%' And
tblSoftwareUni.softwareName Not Like '%esr%' And
tblLinuxSoftware.Version Like '%-%' And tblLinuxSoftware.Version Like
'%.%.%[^0-9]%' Then Left(tblLinuxSoftware.Version, CharIndex('-',
tblLinuxSoftware.Version) - 1)
When tblLinuxSystem.OSRelease Like '%manjaro%' And
tblSoftwareUni.softwareName Like '%esr%' And
tblLinuxSoftware.Version Like '%-%' And tblLinuxSoftware.Version Like
'%.%.%[^0-9]%' Then Left(tblLinuxSoftware.Version, CharIndex('-',
tblLinuxSoftware.Version) - 1)
When tblLinuxSystem.OSRelease Like '%manjaro%' And
tblSoftwareUni.softwareName Like '%esr%' And
tblLinuxSoftware.Version Like '%esr-%' And
tblLinuxSoftware.Version Like '%.%.%[^0-9]%' Then
Left(tblLinuxSoftware.Version, CharIndex('-',
tblLinuxSoftware.Version) - 4)
When tblLinuxSystem.OSRelease Like '%debian%' And
tblSoftwareUni.softwareName Not Like '%esr%' And
tblLinuxSoftware.Version Like '%-%' And tblLinuxSoftware.Version Like
'%.%.%[^0-9]%' Then Left(tblLinuxSoftware.Version, CharIndex('-',
tblLinuxSoftware.Version) - 1)
When tblLinuxSystem.OSRelease Like '%debian%' And
tblSoftwareUni.softwareName Like '%esr%' And
tblLinuxSoftware.Version Like '%-%' And tblLinuxSoftware.Version Like
'%.%.%[^0-9]%' Then Left(tblLinuxSoftware.Version, CharIndex('-',
tblLinuxSoftware.Version) - 4)
Else tblLinuxSoftware.Version
End As Version
From tblLinuxSoftware
Inner Join tblSoftwareUni On tblSoftwareUni.SoftID =
tblLinuxSoftware.SoftwareUniID
Inner Join tblLinuxSystem On tblLinuxSoftware.AssetID =
tblLinuxSystem.AssetID
Where tblSoftwareUni.softwareName In ('firefox', 'MozillaFirefox',
'firefox-esr')) As subquery1 On subquery1.assetid = tblAssets.assetid
Left Join (Select Distinct Top 1000000 tblErrors.AssetID As ID,
Max(tblErrors.Teller) As ErrorID
From tblErrors
Group By tblErrors.AssetID) As ScanningError On tblAssets.AssetID =
ScanningError.ID
Left Join tblErrors On ScanningError.ErrorID = tblErrors.Teller
Left Join tsysasseterrortypes On tsysasseterrortypes.Errortype =
tblErrors.ErrorType
Where subquery1.Software In ('firefox', 'MozillaFirefox', 'firefox-esr') And
tblState.Statename = 'Active' And ((Len(subquery1.Version) -
Len(Replace(subquery1.Version, '.', '')) = 2 And
subquery1.Software Like '%firefox%' And subquery1.Software Not Like
'%esr%' And Try_Cast(ParseName(subquery1.Version, 3) As bigint) < 120) Or
(Len(subquery1.Version) - Len(Replace(subquery1.Version, '.', '')) = 2 And
subquery1.Software Like '%firefox%' And subquery1.Software Not Like
'%esr%' And Try_Cast(ParseName(subquery1.Version, 3) As bigint) = 120 And
Try_Cast(ParseName(subquery1.Version, 2) As bigint) < 0) Or
(Len(subquery1.Version) - Len(Replace(subquery1.Version, '.', '')) = 2 And
subquery1.Software Like '%firefox%' And subquery1.Software Not Like
'%esr%' And Try_Cast(ParseName(subquery1.Version, 3) As bigint) = 120 And
Try_Cast(ParseName(subquery1.Version, 2) As bigint) = 0 And
Try_Cast(ParseName(subquery1.Version, 1) As bigint) < 0) Or
(Len(subquery1.Version) - Len(Replace(subquery1.Version, '.', '')) = 1 And
subquery1.Software Like '%firefox%' And subquery1.Software Not Like
'%esr%' And Try_Cast(ParseName(subquery1.Version, 2) As bigint) < 120) Or
(Len(subquery1.Version) - Len(Replace(subquery1.Version, '.', '')) = 1 And
subquery1.Software Like '%firefox%' And subquery1.Software Not Like
'%esr%' And Try_Cast(ParseName(subquery1.Version, 2) As bigint) = 120 And
Try_Cast(ParseName(subquery1.Version, 1) As bigint) < 0) Or
(Len(subquery1.Version) - Len(Replace(subquery1.Version, '.', '')) = 2 And
subquery1.Software Like '%firefox%' And subquery1.Software Like '%esr%'
And Try_Cast(ParseName(subquery1.Version, 3) As bigint) < 115) Or
(Len(subquery1.Version) - Len(Replace(subquery1.Version, '.', '')) = 2 And
subquery1.Software Like '%firefox%' And subquery1.Software Like '%esr%'
And Try_Cast(ParseName(subquery1.Version, 3) As bigint) = 115 And
Try_Cast(ParseName(subquery1.Version, 2) As bigint) <5) Or
(Len(subquery1.Version) - Len(Replace(subquery1.Version, '.', '')) = 2 And
subquery1.Software Like '%firefox%' And subquery1.Software Like '%esr%'
And Try_Cast(ParseName(subquery1.Version, 3) As bigint) = 115 And
Try_Cast(ParseName(subquery1.Version, 2) As bigint) = 5 And
Try_Cast(ParseName(subquery1.Version, 1) As bigint) < 0) Or
(Len(subquery1.Version) - Len(Replace(subquery1.Version, '.', '')) = 1 And
subquery1.Software Like '%firefox%' And subquery1.Software Like '%esr%'
And Try_Cast(ParseName(subquery1.Version, 2) As bigint) < 115) Or
(Len(subquery1.Version) - Len(Replace(subquery1.Version, '.', '')) = 1 And
subquery1.Software Like '%firefox%' And subquery1.Software Like '%esr%'
And Try_Cast(ParseName(subquery1.Version, 2) As bigint) = 115 And
Try_Cast(ParseName(subquery1.Version, 1) As bigint) < 5))
Order By Domain,
AssetName,
Software

Show

Hide