CVE-2024-3863: 
NixOS vulnerability analysis and mitigation

A security vulnerability identified as CVE-2024-3863 was discovered in Mozilla Firefox, Firefox ESR, and Thunderbird browsers. The vulnerability affects Firefox versions before 125, Firefox ESR versions before 115.10, and Thunderbird versions before 115.10, specifically on Windows operating systems. The issue was disclosed on April 16, 2024, and involves the browser's failure to present executable file warnings when downloading .xrm-ms files (Mozilla Advisory).

The vulnerability is rated with a CVSS v3.1 Base Score of 9.8 (CRITICAL) with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (NVD). The technical issue stems from the browser's download protection mechanism failing to properly identify and flag .xrm-ms files as executable files on Windows systems, bypassing the standard security warning that should be presented to users when downloading potentially dangerous files (Mozilla Advisory).

The vulnerability could allow malicious actors to bypass Firefox's download protection mechanisms on Windows systems. When users download .xrm-ms files, they are not presented with the standard executable file warning, potentially leading to the execution of malicious files without proper user awareness (Mozilla Advisory).

Mozilla has addressed this vulnerability in Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10. Users are advised to update their browsers to these versions or later to receive the security fix (Mozilla Advisory, Mozilla ESR Advisory, Mozilla Thunderbird Advisory).