CVE-2026-8953
Mozilla · Firefox / Thunderbird
A use-after-free vulnerability in the Disability Access APIs of Mozilla products can lead to a sandbox escape and potential arbitrary code execution.
Executive summary
A critical use-after-free vulnerability in Mozilla's Disability Access APIs allows an attacker to escape the browser sandbox and potentially execute arbitrary code.
Vulnerability
The vulnerability is a use-after-free in the Disability Access APIs; an attacker who triggers it can corrupt memory in the affected process and escape the sandbox.
Business impact
With a CVSS score of 9.6, this flaw poses a critical risk to end-user workstations. Successful exploitation allows for the execution of arbitrary code outside of the browser sandbox, potentially leading to full system compromise, the installation of malware, or the theft of local user credentials.
Remediation
Immediate Action: Update Firefox and Thunderbird to the latest versions (e.g., Firefox 151, Firefox ESR 115.36/140.11, or Thunderbird 151/140.11).
Proactive Monitoring: Monitor endpoint protection logs for unusual process creation or memory access violations originating from browser or mail client processes.
Compensating Controls: Enforce organizational policies that limit user privileges on workstations and utilize EDR solutions to detect and block malicious child processes spawned by browsers.
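As an added example that is not part of this advisory, the following Python script checks an installed Firefox or Thunderbird version against the fixed releases listed above, comparing ESR builds (115.x, 140.x) against their own branch's fix rather than against the mainline number. The inventory data and hostnames are constructed for the example.

```python
import re
from typing import Dict, List, Tuple

# First fixed release per (product, branch major), as listed in the advisory:
# Firefox 151, Firefox ESR 115.36 / 140.11, Thunderbird 151 / 140.11.
FIXED: Dict[Tuple[str, int], Tuple[int, ...]] = {
    ("firefox", 151): (151, 0),
    ("firefox", 140): (140, 11),      # ESR branch
    ("firefox", 115): (115, 36),      # ESR branch
    ("thunderbird", 151): (151, 0),
    ("thunderbird", 140): (140, 11),
}

def parse_version(text: str) -> Tuple[int, ...]:
    """Turn '140.11.0esr' or '151.0' into a comparable tuple of ints."""
    return tuple(int(n) for n in re.findall(r"\d+", text))

def is_patched(product: str, version: str) -> bool:
    """True if the build is at or above the fixed release for its own branch.
    An ESR build is judged against its branch's fix (140.10 is behind 140.11,
    not "behind 151"). A branch the advisory does not list is treated as
    unpatched unless its major is above the newest fixed mainline release.
    """
    name = product.lower().split()[0]          # "Firefox ESR" -> "firefox"
    ver = parse_version(version)
    majors = [major for (p, major) in FIXED if p == name]
    if not ver or not majors:
        return False                           # unknown product or bad string
    branch = (name, ver[0])
    if branch in FIXED:
        return ver >= FIXED[branch]
    return ver[0] > max(majors)

def hosts_needing_update(inventory: List[Tuple[str, str, str]]) -> List[str]:
    """Return hostnames whose installed build is still vulnerable."""
    return [host for host, product, version in inventory
            if not is_patched(product, version)]

# Constructed sample inventory; hostnames and versions are made up.
SAMPLE_INVENTORY = [
    ("ws-01", "Firefox", "151.0"),
    ("ws-02", "Firefox ESR", "140.10.0esr"),
    ("ws-03", "Firefox ESR", "115.36.0esr"),
    ("ws-04", "Thunderbird", "140.11.0"),
    ("ws-05", "Firefox", "150.0.2"),
]

if __name__ == "__main__":
    print("needs update:", hosts_needing_update(SAMPLE_INVENTORY))
```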
Exploitation status
Public Exploit Available: Unknown
Analyst recommendation
Given the critical nature of sandbox escape vulnerabilities in widely used browsers and mail clients, immediate deployment of the security updates is required to protect organizational endpoints from potential exploitation.