The VMware Carbon Black Tech Zone is live! Checkout this great resource: Mastering Carbon Black Audit & Remediation.

Firefox 72 Vulnerability

Source: https://techcrunch.com/2020/01/10/firefox-security-bug-zero-day/

Description: This query looks for all versions of Firefox installed. Mozilla  has warned Firefox users to update their browser to the latest version after security researchers found a vulnerability that hackers were actively exploiting in “targeted attacks” against users. Mozilla issued the security advisory for Firefox 72, which had only been out for two days before the vulnerability was found. Homeland Security’s cyber advisory unit, the Cybersecurity and Infrastructure Security Agency, also issued a security warning, advising users to update to Firefox 72.0.1, which fixes the vulnerability. Little information was given about the bug, only that it could be used to “take control of an affected system.”

What The Data Shows:  Vulnerable Versions of Firefox 

SQL:

SELECT name,version FROM programs WHERE (name LIKE '%Mozilla%' OR name LIKE '%Firefox%') AND version NOT LIKE '72.0.%';

2 Comments
jnelson
Carbon Black Employee
Status changed to: Under Review

@stympanick Your query has a syntax error around the OR in the WHERE clause. It should be:

SELECT name,version FROM programs where name like '%Mozilla%' OR name like '%Firefox%';

Additionally, I think it would be better to only report on versions that are vulnerable. So maybe:

SELECT name,version FROM programs WHERE (name LIKE '%Mozilla%' OR name LIKE '%Firefox%') AND version NOT LIKE '72.0.%';

jnelson
Carbon Black Employee
Status changed to: Approved