On Sat, 03 Dec 2022, 21:14:13 +0100, Larry Len Rainey wrote:
The US Cert team has advised bank of a zero day exploit on Firefox below 107. So all login attempts are blocked for Firefox less than 107.
The code from the Cert team does not provide for esr versions.
The problem is Windows machines have been compromised - not man Linux machines have. Best I can tell is a "rust based malware" can be installed on versions prior to 107. Firefox and Thunderbird 107 prevent the "rust based malware" from running.
Please ask them where they get the Thunderbird 107 version from: http://archive.mozilla.org/pub/thunderbird/releases/ There is none, just beta versions...
That is what the bank told me yesterday when I called about the no login for 102.5esr version.
There is a 107.1 version of Firefox in the meantime, maybe that version has a fix for the zero day exploit, while 102.5esr does not even need it because it does not have the features added after Firefox 103?
Larry
HTH, cheers. l8er manfred