In October 2024, Mozilla released a critical advisory addressing CVE-2024-9680, a use-after-free vulnerability affecting the Animation Timelines component in Firefox and Thunderbird. This flaw has been actively exploited in the wild, posing significant security risks to users worldwide. Here’s everything you need to know about this vulnerability, including how to protect yourself.
What Is CVE-2024-9680?
CVE-2024-9680 is a use-after-free vulnerability in Firefox and Thunderbird that allows attackers to execute arbitrary code within the browser’s content process. This vulnerability can be exploited to install malware, steal sensitive data, or gain control over affected systems without user interaction.
Why Is This Vulnerability Significant?
What makes CVE-2024-9680 particularly dangerous is its active exploitation in the wild. Attackers are leveraging this flaw alongside another zero-day vulnerability in Windows (CVE-2024-49039) to perform zero-click attacks. These attacks have been linked to the Russia-aligned RomCom Advanced Persistent Threat (APT) group, who use them to deploy their RomCom backdoor without user interaction.
Affected Software Versions
The following versions of Mozilla products are vulnerable to CVE-2024-9680:
- Firefox: Versions prior to 131.0.2
- Firefox ESR: Versions prior to 128.3.1 and 115.16.1
- Thunderbird: Versions prior to 131.0.1, 128.3.1, and 115.16.0
How Was CVE-2024-9680 Exploited?
According to security researchers, attackers exploited this vulnerability to execute zero-click attacks. These attacks require no user interaction, making them particularly insidious. By exploiting CVE-2024-9680, attackers could install malware, exfiltrate data, and maintain persistence on the targeted systems.
The RomCom APT group, known for its advanced cyber-espionage capabilities, used this exploit in high-profile attacks, targeting government institutions and enterprises.
How to Protect Yourself
Mozilla released patches addressing CVE-2024-9680 on October 9, 2024. Users are strongly advised to update their software to the latest versions to mitigate this critical security risk.
Steps to Update Firefox and Thunderbird:
- Open Firefox or Thunderbird.
- Navigate to the Menu (☰) and select Help.
- Click on About Firefox or About Thunderbird.
- The software will automatically check for updates and install the latest version.
- Restart the application to complete the update.
Recommended Secure Versions
- Firefox: Version 131.0.2 or later
- Firefox ESR: Version 128.3.1 or 115.16.1
- Thunderbird: Version 131.0.1, 128.3.1, or 115.16.0
Why Regular Updates Matter
Cybercriminals often exploit vulnerabilities in outdated software. Keeping your applications updated ensures that known security flaws are patched, reducing your risk of falling victim to cyberattacks like those leveraging CVE-2024-9680.
Final Thoughts
The discovery of CVE-2024-9680 underscores the importance of maintaining a robust cybersecurity posture. With attackers actively exploiting this vulnerability, it’s crucial for all users of Firefox and Thunderbird to update their software immediately.
For organizations, implementing vulnerability management systems and conducting regular security audits can help mitigate risks associated with such exploits. Stay vigilant, stay updated, and prioritize your online security.
For more information about CVE-2024-9680 and Mozilla’s security updates, visit Mozilla’s official security advisory page.
