Microsoft protocols can be attacked if a user accepts a prompt - CVE-2022-34478ID: oval:org.secpod.oval:def:81775 | Date: (C)2022-06-29 (M)2024-03-27 |
Class: VULNERABILITY | Family: windows |
Mozilla Firefox 102, Mozilla Firefox ESR 91.11, Mozilla Thunderbird 91.11 and Mozilla Thunderbird 102: The ms-msdt, search, and search-ms protocols deliver content to Microsoft applications, bypassing the browser, when a user accepts a prompt. These applications have had known vulnerabilities, exploited in the wild (although we know of none exploited through Firefox), so in this release Firefox has blocked these protocols from prompting the user to open them.
Platform: |
Microsoft Windows 11 |
Microsoft Windows Server 2019 |
Microsoft Windows Server 2022 |
Microsoft Windows 8 |
Microsoft Windows XP |
Microsoft Windows Server 2008 |
Microsoft Windows Vista |
Microsoft Windows 7 |
Microsoft Windows 8.1 |
Microsoft Windows Server 2008 R2 |
Microsoft Windows Server 2012 |
Microsoft Windows Server 2016 |
Microsoft Windows Server 2012 R2 |
Microsoft Windows 10 |
Product: |
Mozilla Firefox |
Mozilla Firefox ESR |
Mozilla Thunderbird |