The Mozilla Foundation has released security updates to address a critical vulnerability in the built-in PDF Viewer for Firefox and Firefox ESR. Exploitation of the vulnerability may allow an attacker to read and steal sensitive local files on the victim's computer.
Available updates include:
- Firefox 39.0.3
- Firefox ESR 38.1.1
US-CERT encourages users and administrators to review the Security Advisory for Firefox and Firefox ESR and apply the necessary updates.