Jetzt Ausprobieren

Firefox 105 and Firefox ESR 102.3 Audit

Security Software Vulnerability

Audit All Outdated Firefox Installations in Your Network

Mozilla’s new versions for Firefox and Firefox ESR have been released with additional functionality and security releases as of the 20th of September, 2022. New features in Firefox 105, as listed on Mozilla’s release page include:
  • The option to print only the current page from the print preview dialog.
  • Partitioned service workers in third-party contexts. You can register service workers in a third-party iframe and it will be partitioned under the top-level domain.
  • Swipe to navigate on Windows (two fingers on a touchpad swiped left or right to perform history back or forward).
  • Firefox is now compliant with the User Timing L3 specification, which adds additional optional arguments to the performance.mark and performance.measure methods to provide custom start times, end times, duration, and attached details.
  • Two times faster searching in large lists for individual items. This performance enhancement replaces array.includes and array.indexOf with an optimized SIMD version.
Additionally, a number of fixes have been made including:
  • Significantly improved stability on Windows as Firefox handles low-memory situations much better.
  • Touchpad scrolling on macOS has been made more accessible by reducing unintended diagonal scrolling opposite of the intended scroll axis.
  • Firefox is now less likely to run out of memory on Linux and performs more efficiently for the rest of the system when memory runs low.
Firefox 105 also brings 7 security fixes. For Firefox ESR 102.3 6 vulnerabilities have been fixed. Most notable are the fixes for a memory safety bug (CVE-2022-40962), 1 vulnerability allowing for the bypassing of FeaturePolicy restrictions on transient pages (CVE-2022-40959), and 1 causing data-race when parsing non-UTF-8 URLs in threads (CVE-2022-40960), both in Firefox and in Firefox ESR. To find which machines still need to update their Mozilla Firefox version, you can use the audit below which shows exactly which machines are not running the latest version of Firefox or Firefox ESR yet. Go ahead and start running your Firefox audit. Firefox 105 Audit Report

Firefox 105 and Firefox ESR 102.3u00a0Query

Select Top 1000000 tblAssets.AssetID,
tblAssets.AssetName,
tblAssets.Domain,
tsysAssetTypes.AssetTypename As AssetType,
tblAssets.Username,
tblAssets.Userdomain,
Coalesce(tsysOS.Image, tsysAssetTypes.AssetTypeIcon10) As icon,
tblAssets.IPAddress,
tblSoftwareUni.softwareName As Software,
tblSoftware.softwareVersion As Version,
tblSoftwareUni.SoftwarePublisher As Publisher,
tsysIPLocations.IPLocation,
tblAssetCustom.Manufacturer,
tblAssetCustom.Model,
Coalesce(tsysOS.OSname, tblSccmAsset.OsCaption,
tblSccmAsset.OperatingSystemNameandVersion) As OS,
tblAssets.Version As OSVersion,
Case
When tblErrors.ErrorText Is Not Null Or
tblErrors.ErrorText != '' Then
'Scanning Error: ' + tsysasseterrortypes.ErrorMsg
Else ''
End As ScanningErrors,
tblAssets.Lastseen,
tblAssets.Lasttried
From tblAssets
Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype
Inner Join tsysIPLocations On tsysIPLocations.LocationID =
tblAssets.LocationID
Inner Join tblState On tblState.State = tblAssetCustom.State
Inner Join tblSoftware On tblAssets.AssetID = tblSoftware.AssetID
Inner Join tblSoftwareUni On tblSoftwareUni.SoftID = tblSoftware.softID
Left Outer Join tsysOS On tsysOS.OScode = tblAssets.OScode
Left Outer Join tblSccmAsset On tblAssets.AssetID = tblSccmAsset.AssetId
Left Join (Select Distinct Top 1000000 tblErrors.AssetID As ID,
Max(tblErrors.Teller) As ErrorID
From tblErrors
Group By tblErrors.AssetID) As ScanningError On tblAssets.AssetID =
ScanningError.ID
Left Join tblErrors On ScanningError.ErrorID = tblErrors.Teller
Left Join tsysasseterrortypes On tsysasseterrortypes.Errortype =
tblErrors.ErrorType
Where tblSoftwareUni.softwareName Like '%firefox%' And
tblSoftwareUni.SoftwarePublisher Like '%mozilla%' And tblState.Statename =
'Active' And ((Len(tblSoftware.softwareVersion) -
Len(Replace(tblSoftware.softwareVersion, '.', '')) = 1 And
tblSoftwareUni.softwareName Like '%firefox%' And
tblSoftwareUni.softwareName Not Like '%esr%' And
Cast(ParseName(tblSoftware.softwareVersion, 2) As bigint) < 105)
Or
(Len(tblSoftware.softwareVersion) - Len(Replace(tblSoftware.softwareVersion,
'.', '')) = 1 And tblSoftwareUni.softwareName Like '%firefox%' And
tblSoftwareUni.softwareName Not Like '%esr%' And
Cast(ParseName(tblSoftware.softwareVersion, 2) As bigint) = 105 And
Cast(ParseName(tblSoftware.softwareVersion, 1) As bigint) < 0) Or
(Len(tblSoftware.softwareVersion) - Len(Replace(tblSoftware.softwareVersion,
'.', '')) = 2 And tblSoftwareUni.softwareName Like '%firefox%' And
tblSoftwareUni.softwareName Not Like '%esr%' And
Cast(ParseName(tblSoftware.softwareVersion, 3) As bigint) < 105)
Or
(Len(tblSoftware.softwareVersion) - Len(Replace(tblSoftware.softwareVersion,
'.', '')) = 2 And tblSoftwareUni.softwareName Like '%firefox%' And
tblSoftwareUni.softwareName Not Like '%esr%' And
Cast(ParseName(tblSoftware.softwareVersion, 3) As bigint) = 105 And
Cast(ParseName(tblSoftware.softwareVersion, 2) As bigint) < 0) Or
(Len(tblSoftware.softwareVersion) - Len(Replace(tblSoftware.softwareVersion,
'.', '')) = 2 And tblSoftwareUni.softwareName Like '%firefox%' And
tblSoftwareUni.softwareName Not Like '%esr%' And
Cast(ParseName(tblSoftware.softwareVersion, 3) As bigint) = 105 And
Cast(ParseName(tblSoftware.softwareVersion, 2) As bigint) = 0 And
Cast(ParseName(tblSoftware.softwareVersion, 1) As bigint) < 0) Or
(tblSoftwareUni.softwareName Like '%firefox%esr%' And
Cast(ParseName(tblSoftware.softwareVersion, 3) As bigint) < 102) Or
(tblSoftwareUni.softwareName Like '%firefox%esr%' And
Cast(ParseName(tblSoftware.softwareVersion, 3) As bigint) = 102 And
Cast(ParseName(tblSoftware.softwareVersion, 2) As bigint) < 3) Or
(tblSoftwareUni.softwareName Like '%firefox%esr%' And
Cast(ParseName(tblSoftware.softwareVersion, 3) As bigint) = 102 And
Cast(ParseName(tblSoftware.softwareVersion, 2) As bigint) = 3 And
Cast(ParseName(tblSoftware.softwareVersion, 1) As bigint) < 0) Or
(Len(tblSoftware.softwareVersion) - Len(Replace(tblSoftware.softwareVersion,
'.', '')) = 3 And tblSoftwareUni.softwareName Like '%firefox%' And
Cast(ParseName(tblSoftware.softwareVersion, 4) As bigint) < 105)
Or
(Len(tblSoftware.softwareVersion) - Len(Replace(tblSoftware.softwareVersion,
'.', '')) = 3 And tblSoftwareUni.softwareName Like '%firefox%' And
tblSoftwareUni.softwareName Not Like '%esr%' And
Cast(ParseName(tblSoftware.softwareVersion, 4) As bigint) = 105 And
Cast(ParseName(tblSoftware.softwareVersion, 3) As bigint) < 0) Or
(Len(tblSoftware.softwareVersion) - Len(Replace(tblSoftware.softwareVersion,
'.', '')) = 3 And tblSoftwareUni.softwareName Like '%firefox%' And
tblSoftwareUni.softwareName Not Like '%esr%' And
Cast(ParseName(tblSoftware.softwareVersion, 4) As bigint) = 105 And
Cast(ParseName(tblSoftware.softwareVersion, 3) As bigint) = 0 And
Cast(ParseName(tblSoftware.softwareVersion, 2) As bigint) < 0))
Union
Select Top 1000000 tblAssets.AssetID,
tblAssets.AssetName,
tblAssets.Domain,
tsysAssetTypes.AssetTypename As AssetType,
tblAssets.Username,
tblAssets.Userdomain,
tsysAssetTypes.AssetTypeIcon10 As icon,
tblAssets.IPAddress,
Case when subquery1.Software like '%firefox%' and (Cast(ParseName(tblMacApplications.Version, 3) As bigint) = 102
And Cast(ParseName(tblMacApplications.Version, 2) As bigint) < 3) Or
(Cast(ParseName(tblMacApplications.Version, 3) As bigint) < 102) then 'firefox (Possible ESR)'
else subquery1.Software
end as Software,
subquery1.Version,
subquery1.Publisher,
tsysIPLocations.IPLocation,
tblAssetCustom.Manufacturer,
tblAssetCustom.Model,
tblMacOSInfo.SystemVersion As OS,
tblAssets.Version As OSVersion,
Case
When tblErrors.ErrorText Is Not Null Or
tblErrors.ErrorText != '' Then
'Scanning Error: ' + tsysasseterrortypes.ErrorMsg
Else ''
End As ScanningErrors,
tblAssets.Lastseen As [Last successful scan],
tblAssets.Lasttried As [Last scan attempt]
From tblAssets
Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype
Inner Join tsysIPLocations On tsysIPLocations.LocationID =
tblAssets.LocationID
Inner Join tblState On tblState.State = tblAssetCustom.State
left join (
Select tblSoftwareUni.softwareName As Software,
tblSoftwareUni.SoftwarePublisher As Publisher,
tblMacApplications.AssetID,
Case
When tblMacApplications.Version Like '%R%' Then Left(tblMacApplications.Version, CharIndex('R',
tblMacApplications.Version) - 1)
Else tblMacApplications.Version
End As Version
From tblMacApplications
Inner Join tblSoftwareUni On tblSoftwareUni.SoftID =
tblMacApplications.softid
where tblSoftwareUni.softwareName like '%firefox%'
) as subquery1 on subquery1.AssetID = tblAssets.AssetID
Inner Join tblMacApplications On
tblAssets.AssetID = tblMacApplications.AssetID
Inner Join tblSoftwareUni On tblSoftwareUni.SoftID = tblMacApplications.softid
Inner Join tblMacOSInfo On tblMacOSInfo.AssetID = tblAssets.AssetID
Left Join (Select Distinct Top 1000000 tblErrors.AssetID As ID,
Max(tblErrors.Teller) As ErrorID
From tblErrors
Group By tblErrors.AssetID) As ScanningError On tblAssets.AssetID =
ScanningError.ID
Left Join tblErrors On ScanningError.ErrorID = tblErrors.Teller
Left Join tsysasseterrortypes On tsysasseterrortypes.Errortype =
tblErrors.ErrorType
Where tblSoftwareUni.softwareName Like '%firefox%' And tblState.Statename =
'Active' And ((Cast(ParseName(subquery1.Version, 3) As bigint) < 105) Or
(Cast(ParseName(subquery1.Version, 3) As bigint) = 105 And
Cast(ParseName(subquery1.Version, 2) As bigint) < 0) Or
(Cast(ParseName(subquery1.Version, 3) As bigint) = 105 And
Cast(ParseName(subquery1.Version, 2) As bigint) = 0 And
Cast(ParseName(subquery1.Version, 1) As bigint) < 0))
Union
Select Top 1000000 tblAssets.AssetID,
tblAssets.AssetName,
tblAssets.Domain,
tsysAssetTypes.AssetTypename As AssetType,
tblLinuxUser.UserName,
tblAssets.Userdomain,
tsysAssetTypes.AssetTypeIcon10 As icon,
tblAssets.IPAddress,
subquery1.Software,
subquery1.Version,
subquery1.Publisher,
tsysIPLocations.IPLocation,
tblAssetCustom.Manufacturer,
tblAssetCustom.Model,
tblLinuxSystem.OSRelease As OS,
tblAssets.Version As OSVersion,
Case
When tblErrors.ErrorText Is Not Null Or
tblErrors.ErrorText != '' Then
'Scanning Error: ' + tsysasseterrortypes.ErrorMsg
Else ''
End As ScanningErrors,
tblAssets.Lastseen As [Last successful scan],
tblAssets.Lasttried As [Last scan attempt]
From tblAssets
Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype
Inner Join tsysIPLocations On tsysIPLocations.LocationID =
tblAssets.LocationID
Inner Join tblState On tblState.State = tblAssetCustom.State
Inner Join tblLinuxSystem On tblAssets.AssetID = tblLinuxSystem.AssetID
Inner Join tblLinuxUser On tblAssets.AssetID = tblLinuxUser.AssetID
Inner Join tblLinuxUserLogon On tblLinuxUserLogon.Id = tblLinuxUser.id
Inner Join (Select tblLinuxUser.AssetId,
Max(tblLinuxUserLogon.LogonTime) As MaxLogontime
From tblLinuxUser
Inner Join tblLinuxUserLogon On tblLinuxUserLogon.Id = tblLinuxUser.id
Group By tblLinuxUser.assetid) As subquery2 On subquery2.MaxLogontime =
tblLinuxUserLogon.LogonTime
Inner Join (Select tblSoftwareUni.softwareName As Software,
tblSoftwareUni.SoftwarePublisher As Publisher,
tblLinuxSoftware.LastChanged,
tblLinuxSoftware.assetid,
Case
When tblLinuxSystem.OSRelease Like '%Ubuntu%' And
tblSoftwareUni.softwareName Not Like '%esr%' And
tblLinuxSoftware.Version Like '%+%' And tblLinuxSoftware.Version Like
'%.%.%[^0-9]%' Then Left(tblLinuxSoftware.Version, CharIndex('+',
tblLinuxSoftware.Version) - 1)
When tblLinuxSystem.OSRelease Like '%Ubuntu%' And
tblSoftwareUni.softwareName Like '%esr%' And
tblLinuxSoftware.Version Like '%+%' And tblLinuxSoftware.Version Like
'%.%.%[^0-9]%' Then Left(tblLinuxSoftware.Version, CharIndex('+',
tblLinuxSoftware.Version) - 4)
When tblLinuxSystem.OSRelease Like '%manjaro%' And
tblSoftwareUni.softwareName Not Like '%esr%' And
tblLinuxSoftware.Version Like '%-%' And tblLinuxSoftware.Version Like
'%.%.%[^0-9]%' Then Left(tblLinuxSoftware.Version, CharIndex('-',
tblLinuxSoftware.Version) - 1)
When tblLinuxSystem.OSRelease Like '%manjaro%' And
tblSoftwareUni.softwareName Like '%esr%' And
tblLinuxSoftware.Version Like '%-%' And tblLinuxSoftware.Version Like
'%.%.%[^0-9]%' Then Left(tblLinuxSoftware.Version, CharIndex('-',
tblLinuxSoftware.Version) - 1)
When tblLinuxSystem.OSRelease Like '%manjaro%' And
tblSoftwareUni.softwareName Like '%esr%' And
tblLinuxSoftware.Version Like '%esr-%' And
tblLinuxSoftware.Version Like '%.%.%[^0-9]%' Then
Left(tblLinuxSoftware.Version, CharIndex('-',
tblLinuxSoftware.Version) - 4)
When tblLinuxSystem.OSRelease Like '%debian%' And
tblSoftwareUni.softwareName Not Like '%esr%' And
tblLinuxSoftware.Version Like '%-%' And tblLinuxSoftware.Version Like
'%.%.%[^0-9]%' Then Left(tblLinuxSoftware.Version, CharIndex('-',
tblLinuxSoftware.Version) - 1)
When tblLinuxSystem.OSRelease Like '%debian%' And
tblSoftwareUni.softwareName Like '%esr%' And
tblLinuxSoftware.Version Like '%-%' And tblLinuxSoftware.Version Like
'%.%.%[^0-9]%' Then Left(tblLinuxSoftware.Version, CharIndex('-',
tblLinuxSoftware.Version) - 4)
Else tblLinuxSoftware.Version
End As Version
From tblLinuxSoftware
Inner Join tblSoftwareUni On tblSoftwareUni.SoftID =
tblLinuxSoftware.SoftwareUniID
Inner Join tblLinuxSystem On tblLinuxSoftware.AssetID =
tblLinuxSystem.AssetID
where tblSoftwareUni.softwareName In ('firefox', 'MozillaFirefox', 'firefox-esr')
) As subquery1 On subquery1.assetid =
tblAssets.assetid
Left Join (Select Distinct Top 1000000 tblErrors.AssetID As ID,
Max(tblErrors.Teller) As ErrorID
From tblErrors
Group By tblErrors.AssetID) As ScanningError On tblAssets.AssetID =
ScanningError.ID
Left Join tblErrors On ScanningError.ErrorID = tblErrors.Teller
Left Join tsysasseterrortypes On tsysasseterrortypes.Errortype =
tblErrors.ErrorType
Where subquery1.Software In ('firefox', 'MozillaFirefox', 'firefox-esr') And
tblState.Statename = 'Active' And ((Len(subquery1.Version) -
Len(Replace(subquery1.Version, '.', '')) = 2 And
subquery1.Software Like '%firefox%' And subquery1.Software Not Like
'%esr%' And Cast(ParseName(subquery1.Version, 3) As bigint) < 105) Or
(Len(subquery1.Version) - Len(Replace(subquery1.Version, '.', '')) = 2 And
subquery1.Software Like '%firefox%' And subquery1.Software Not Like
'%esr%' And Cast(ParseName(subquery1.Version, 3) As bigint) = 105 And
Cast(ParseName(subquery1.Version, 2) As bigint) < 0) Or
(Len(subquery1.Version) - Len(Replace(subquery1.Version, '.', '')) = 2 And
subquery1.Software Like '%firefox%' And subquery1.Software Not Like
'%esr%' And Cast(ParseName(subquery1.Version, 3) As bigint) = 105 And
Cast(ParseName(subquery1.Version, 2) As bigint) = 0 And
Cast(ParseName(subquery1.Version, 1) As bigint) < 0) Or
(Len(subquery1.Version) - Len(Replace(subquery1.Version, '.', '')) = 1 And
subquery1.Software Like '%firefox%' And subquery1.Software Not Like
'%esr%' And Cast(ParseName(subquery1.Version, 2) As bigint) < 105) Or
(Len(subquery1.Version) - Len(Replace(subquery1.Version, '.', '')) = 1 And
subquery1.Software Like '%firefox%' And subquery1.Software Not Like
'%esr%' And Cast(ParseName(subquery1.Version, 2) As bigint) = 105 And
Cast(ParseName(subquery1.Version, 1) As bigint) < 0) Or
(Len(subquery1.Version) - Len(Replace(subquery1.Version, '.', '')) = 2 And
subquery1.Software Like '%firefox%' And subquery1.Software Like '%esr%'
And Cast(ParseName(subquery1.Version, 3) As bigint) < 102) Or
(Len(subquery1.Version) - Len(Replace(subquery1.Version, '.', '')) = 2 And
subquery1.Software Like '%firefox%' And subquery1.Software Like '%esr%'
And Cast(ParseName(subquery1.Version, 3) As bigint) = 102 And
Cast(ParseName(subquery1.Version, 2) As bigint) < 3) Or
(Len(subquery1.Version) - Len(Replace(subquery1.Version, '.', '')) = 2 And
subquery1.Software Like '%firefox%' And subquery1.Software Like '%esr%'
And Cast(ParseName(subquery1.Version, 3) As bigint) = 102 And
Cast(ParseName(subquery1.Version, 2) As bigint) = 3 And
Cast(ParseName(subquery1.Version, 1) As bigint) < 0) Or
(Len(subquery1.Version) - Len(Replace(subquery1.Version, '.', '')) = 1 And
subquery1.Software Like '%firefox%' And subquery1.Software Like '%esr%'
And Cast(ParseName(subquery1.Version, 2) As bigint) < 102) Or
(Len(subquery1.Version) - Len(Replace(subquery1.Version, '.', '')) = 1 And
subquery1.Software Like '%firefox%' And subquery1.Software Like '%esr%'
And Cast(ParseName(subquery1.Version, 2) As bigint) = 102 And
Cast(ParseName(subquery1.Version, 1) As bigint) < 3))
Order By Domain,
AssetName,
Software

Show

Hide