CVE-2026-4711

Mozilla · Firefox and Thunderbird

A use-after-free vulnerability in the Widget: Cocoa component of Mozilla products on macOS allows remote code execution when the user opens malicious web content.

Executive summary

Mozilla Firefox and Thunderbird on macOS are vulnerable to a critical use-after-free flaw in the Cocoa widget component that could allow arbitrary code execution with the privileges of the logged-in user.

Vulnerability

The flaw is a use-after-free in the "Widget: Cocoa" component, the native macOS windowing and event layer of the Mozilla platform, so only macOS builds are affected. A remote attacker needs no credentials: it is enough for the user to open attacker-controlled web content for the freed memory to be accessed, which can be turned into arbitrary code execution in the affected process.

Business impact

Successful exploitation allows an attacker to execute code with the permissions of the logged-in user, exposing everything that user can reach: local files, credentials and session cookies stored in the browser profile, and keychain items the user has authorised. The CVSS score of 9.8 reflects the critical risk to macOS users within the organization.

Remediation

Immediate Action: Update all macOS installations of Firefox and Thunderbird to version 149 or later, or to the corresponding patched ESR release. Confirm the exact fixed version for each product and ESR branch against Mozilla's own advisory before closing the finding.
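A quick way to confirm that step on a fleet is to read the version out of each application bundle and compare it with the fixed major release. The script below is an added example written for this page, not a Mozilla tool. It assumes the standard bundle paths under /Applications, that the bundle's Contents/Resources/application.ini carries a Version= line (ESR builds carry an "esr" suffix there) with Contents/Info.plist as a fallback, and it reports ESR builds separately because this page states no ESR fixed version.

```shell
#!/bin/sh
# Added example (not Mozilla's): inventory Firefox and Thunderbird bundles on a Mac and
# flag any whose major version is below the fixed release named on this page (149).
# Assumptions: bundles live under /Applications; application.ini holds "Version=..."
# (ESR builds end in "esr"); Info.plist's CFBundleShortVersionString is the fallback.

FIXED_MAJOR=149

# bundle_version APP: print the installed version string for a bundle, or fail if absent.
bundle_version() {
  ini="$1/Contents/Resources/application.ini"
  plist="$1/Contents/Info.plist"
  if [ -f "$ini" ]; then
    sed -n 's/^Version=//p' "$ini" | head -n 1
  elif [ -f "$plist" ]; then
    /usr/libexec/PlistBuddy -c 'Print :CFBundleShortVersionString' "$plist"
  else
    return 1
  fi
}

# version_state VERSION: classify a version string.
#   fixed               major >= FIXED_MAJOR
#   update              major <  FIXED_MAJOR (mainline build, needs the update)
#   esr-check-advisory  ESR build; compare against Mozilla's ESR fixed version manually
#   unknown             unparseable input (exit status 2)
version_state() {
  v=$1
  case "$v" in
    *esr) echo "esr-check-advisory"; return 0 ;;
  esac
  major=${v%%.*}
  case "$major" in
    ''|*[!0-9]*) echo "unknown"; return 2 ;;
  esac
  if [ "$major" -ge "$FIXED_MAJOR" ]; then
    echo "fixed"
  else
    echo "update"
  fi
}

# audit: print one line per product (path, version, state); exit 1 if anything still
# needs attention, so the script can gate a configuration-management run.
audit() {
  rc=0
  for app in /Applications/Firefox.app /Applications/Thunderbird.app; do
    if v=$(bundle_version "$app"); then
      state=$(version_state "$v")
      printf '%s\t%s\t%s\n' "$app" "$v" "$state"
      [ "$state" = "fixed" ] || rc=1
    else
      printf '%s\tnot installed\n' "$app"
    fi
  done
  return $rc
}

audit
```

Run it as the local admin on each Mac (or push it through your MDM as a script); a non-zero exit means at least one bundle is below 149 or is an ESR build that still has to be checked against the advisory.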

Proactive Monitoring: Watch for unusual child processes of the browser and mail client (shells, script interpreters or download tools spawned by firefox, plugin-container or thunderbird), and for repeated crashes in those processes, which can indicate exploitation attempts that did not land. Review endpoint and system logs for such anomalies around browser activity.
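One concrete form of that check, as an added example that is not from Mozilla or from the original page: a use-after-free exploit that lands in the browser usually has to start something else (a shell, osascript, curl) to do further work, so interpreters and download tools whose ancestry leads back to firefox, plugin-container or thunderbird are worth a look. The script reads `ps -axo pid=,ppid=,comm=` style lines (pid, parent pid, command path, assumed not to contain spaces) and walks each process's parents; the sample lines at the bottom are constructed for the demonstration.

```shell
#!/bin/sh
# Added example (not Mozilla's): flag interpreter/network processes that descend from a
# Mozilla browser or mail process. Input format assumed: "pid ppid command" per line,
# as produced by `ps -axo pid=,ppid=,comm=` on macOS (command is a path without spaces).

# flag_browser_children: read ps-style lines on stdin; print "pid ppid command" for every
# process whose command is an interpreter or download tool and that has firefox,
# plugin-container or thunderbird anywhere in its ancestry. Exit 0 if any were flagged,
# 1 if none (so it can be used directly in a cron or launchd check).
flag_browser_children() {
  awk '
    BEGIN {
      BROWSER = "(^|/)(firefox|thunderbird|plugin-container)$"
      SUSPECT = "(^|/)(sh|bash|zsh|osascript|python[0-9.]*|perl|curl|nc)$"
    }
    function has_browser_ancestor(p,    q, depth) {
      q = par[p]; depth = 0
      while ((q in name) && depth < 32) {   # bounded walk guards against pid reuse loops
        if (name[q] ~ BROWSER) return 1
        q = par[q]; depth++
      }
      return 0
    }
    { name[$1] = $3; par[$1] = $2; order[++n] = $1 }
    END {
      for (i = 1; i <= n; i++) {
        p = order[i]
        if (name[p] ~ SUSPECT && has_browser_ancestor(p)) {
          print p, par[p], name[p]
          found = 1
        }
      }
      exit found ? 0 : 1
    }'
}

# Constructed sample: a content process (plugin-container) has spawned /bin/sh, which in
# turn ran curl; a separate zsh/curl pair under launchd is normal user activity.
SAMPLE='1 0 /sbin/launchd
512 1 /Applications/Firefox.app/Contents/MacOS/firefox
530 512 /Applications/Firefox.app/Contents/MacOS/plugin-container.app/Contents/MacOS/plugin-container
531 530 /bin/sh
532 531 /usr/bin/curl
600 1 /bin/zsh
601 600 /usr/bin/curl'

# Live use on a Mac:  ps -axo pid=,ppid=,comm= | flag_browser_children
printf '%s\n' "$SAMPLE" | flag_browser_children
```

On the sample this prints the sh and the curl under the content process and nothing for the zsh session. Treat hits as leads, not verdicts: legitimate extensions and download helpers can produce the same shape, so pair the output with the crash-report and log review above.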

Compensating Controls: Keep Gatekeeper, System Integrity Protection and XProtect enabled, but understand their limit here: they act on files and applications being launched, not on code that runs inside an already-trusted, signed browser process, so they do not stop this exploit itself, only some second-stage payloads it might write to disk. The update is the only actual fix; until it is applied, limiting use of the affected browser on high-value macOS hosts reduces exposure.

Exploitation status

Public Exploit Available: No

Analyst recommendation

Organizations with a significant macOS footprint must treat this as a critical priority. Ensure that every macOS endpoint runs a fixed version of the Mozilla software to remove the risk of remote code execution via this Cocoa-specific flaw.