Firefox 67.0.3 Zero-Day Vulnerability Audit

Discover All Devices Vulnerable to the Firefox Zero-Day CVE-2019-11707 Vulnerability

Mozilla released an unexpected security patch for Firefox and Firefox ESR to fix a critical zero-day vulnerability CVE-2019-11707. You can find all the details in our Firefox vulnerability blog post.

It is important to be able to find all devices which are running outdated Firefox installation is these situations. Especially when these vulnerabilities are being actively exploited. With this audit you can identify any Windows, Linux or Mac device running an outdated Firefox or Firefox ESR version and update them to the latest version.

Firefox 67.0.3 zero-day vulnerability

Firefox 67.0.3 Zero-Day Vulnerability Query

Select Top 1000000 tblAssets.AssetID,
  tblAssets.AssetName,
  tblAssets.Domain,
  tsysAssetTypes.AssetTypename As AssetType,
  tblAssets.Username,
  tblAssets.Userdomain,
  tsysAssetTypes.AssetTypeIcon10 As icon,
  tblAssets.IPAddress,
  Case
    When tblSoftware.softwareVersion >= '67.0.3' And
      tblSoftwareUni.softwareName Like '%firefox%' Then 'Up to date'
    When tblSoftware.softwareVersion >= '60.7.1' And
      tblSoftwareUni.softwareName Like '%firefox%ESR%' Then 'Up to date'
    Else 'Out of date'
  End As [Patch Status],
  tblSoftwareUni.softwareName As Software,
  tblSoftware.softwareVersion As Version,
  tblSoftwareUni.SoftwarePublisher As Publisher,
  tsysIPLocations.IPLocation,
  tblAssetCustom.Manufacturer,
  tblAssetCustom.Model,
  tsysOS.OSname As OS,
  tblAssets.SP,
  tblSoftware.Lastchanged,
  tblAssets.Lastseen,
  tblAssets.Lasttried,
Case
    When tblSoftware.softwareVersion >= '67.0.3' AND tblSoftwareUni.softwareName Like '%firefox%' Then '#d4f4be'
    When tblSoftware.softwareVersion >= '60.7.1' AND tblSoftwareUni.softwareName Like '%firefox%ESR%' Then '#d4f4be'
    Else '#ffadad'
End As backgroundcolor
From tblAssets
  Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
  Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype
  Inner Join tsysIPLocations On tsysIPLocations.LocationID =
    tblAssets.LocationID
  Inner Join tblState On tblState.State = tblAssetCustom.State
  Inner Join tblSoftware On tblAssets.AssetID = tblSoftware.AssetID
  Inner Join tblSoftwareUni On tblSoftwareUni.SoftID = tblSoftware.softID
  Left Join tsysOS On tsysOS.OScode = tblAssets.OScode
Where tblSoftwareUni.softwareName Like '%firefox%' And tblState.Statename =
  'Active'
Union
Select Top 1000000 tblAssets.AssetID,
  tblAssets.AssetName,
  tblAssets.Domain,
  tsysAssetTypes.AssetTypename As AssetType,
  tblAssets.Username,
  tblAssets.Userdomain,
  tsysAssetTypes.AssetTypeIcon10 As icon,
  tblAssets.IPAddress,
  Case
    When tblMacApplications.Version >= '67.0.3' And
      tblSoftwareUni.softwareName Like '%firefox%' Then 'Up to date'
    When tblMacApplications.Version >= '60.7.1' And
      tblSoftwareUni.softwareName Like '%firefox%ESR%' Then 'Up to date'
    Else 'Out of date'
  End As [Patch Status],
  tblSoftwareUni.softwareName As Software,
  tblMacApplications.Version As Version,
  tblSoftwareUni.SoftwarePublisher As Publisher,
  tsysIPLocations.IPLocation,
  tblAssetCustom.Manufacturer,
  tblAssetCustom.Model,
  tblMacOSInfo.SystemVersion As OS,
  tblAssets.SP,
  tblMacApplications.LastChanged,
  tblAssets.Lastseen,
  tblAssets.Lasttried,
  Case
    When tblMacApplications.Version >= '67.0.3' AND tblSoftwareUni.softwareName Like '%firefox%' Then '#d4f4be'
    When tblMacApplications.Version >= '60.7.1%' AND tblSoftwareUni.softwareName Like '%firefox%ESR%' Then '#d4f4be'
    Else '#ffadad'
End As backgroundcolor
From tblAssets
  Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
  Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype
  Inner Join tsysIPLocations On tsysIPLocations.LocationID =
    tblAssets.LocationID
  Inner Join tblState On tblState.State = tblAssetCustom.State
  Inner Join tblMacApplications On
    tblAssets.AssetID = tblMacApplications.AssetID
  Inner Join tblSoftwareUni On tblSoftwareUni.SoftID = tblMacApplications.softid
  Inner Join tblMacOSInfo On tblMacOSInfo.AssetID = tblAssets.AssetID
Where tblSoftwareUni.softwareName Like '%firefox%' And tblState.Statename =
  'Active'
Union
Select Top 1000000 tblAssets.AssetID,
  tblAssets.AssetName,
  tblAssets.Domain,
  tsysAssetTypes.AssetTypename As AssetType,
  tblAssets.Username,
  tblAssets.Userdomain,
  tsysAssetTypes.AssetTypeIcon10 As icon,
  tblAssets.IPAddress,
  Case
    When tblLinuxSoftware.Version >= '67.0.3' And tblSoftwareUni.softwareName
      Like '%firefox%' Then 'Up to date'
    When tblLinuxSoftware.Version >= '60.7.1' And
      tblSoftwareUni.softwareName Like '%firefox%ESR%' Then 'Up to date'
    Else 'Out of date'
  End As [Patch Status],
  tblSoftwareUni.softwareName As Software,
  tblLinuxSoftware.Version As Version,
  tblSoftwareUni.SoftwarePublisher As Publisher,
  tsysIPLocations.IPLocation,
  tblAssetCustom.Manufacturer,
  tblAssetCustom.Model,
  tblLinuxSystem.OSRelease As OS,
  tblAssets.SP,
  tblLinuxSoftware.LastChanged,
  tblAssets.Lastseen,
  tblAssets.Lasttried,
    Case
    When tblLinuxSoftware.Version >= '67.0.3%' AND tblSoftwareUni.softwareName Like '%firefox%' Then '#d4f4be'
    When tblLinuxSoftware.Version >= '60.7.1%' AND tblSoftwareUni.softwareName Like '%firefox%ESR%' Then '#d4f4be'
    Else '#ffadad'
End As backgroundcolor
From tblAssets
  Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
  Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype
  Inner Join tsysIPLocations On tsysIPLocations.LocationID =
    tblAssets.LocationID
  Inner Join tblState On tblState.State = tblAssetCustom.State
  Inner Join tblLinuxSoftware On tblAssets.AssetID = tblLinuxSoftware.AssetID
  Inner Join tblSoftwareUni On
    tblSoftwareUni.SoftID = tblLinuxSoftware.SoftwareUniID
  Inner Join tblLinuxSystem On tblAssets.AssetID = tblLinuxSystem.AssetID
Where (tblSoftwareUni.softwareName Like '%firefox%' And tblSoftwareUni.softwareName Not Like '%locale%') And tblState.Statename =
  'Active'
Order By Domain,
  AssetName,
  Software

Audit and Take Action in 3 Easy Steps

Download-Install-Lansweeper

1. Download & Install Lansweeper

Save-and-Run-the-Report

3. Run the Audit & Take Action

Download Lansweeper to Run this Audit

Harness the Power of Reporting