Uh Oh, Time to Patch Firefox Again

Mozilla have released an urgent patch to version 74.0 of Firefox, notifying browser users around the world that it’s time to patch Firefox again.

The timing of the new patch, which also affects the ‘Extended Support Release’ (version 68.6) suggests that the latest update fixes a vulnerability which (at worst) may have been live in the browser since July 2019.

Mozilla’s official announcement from 3rd April categorises the impact as ‘Critical’, and states that ‘we are are of targeted attacks in the wild abusing this flaw’.

The precise details of the security flaw have not yet been published, although we know that the issue refers to a ‘use-after-free’ function by which the browser frees up previously occupied memory back to the device – with online cybersecurity blogs speculating that any new contents of the relinquished memory may still have some level of access to the browser.

Community-led Mozilla, whose popular Firefox browser is still the World’s second-most popular desktop browser, suffered other critical security flaws as recently as January – when the US Department of Homeland security took the unusual step of instructing users to urgently update their browsers following the discovery of a vulnerability which granted potential access to the operating system.

Not that Mozzilla are unique in such issues: Google also faced embarrassment in recent months after rolling out an experimental change to Chrome which left millions of users unable to load new tabs.

Patch your browser regularly: Firefox users can update to version 74.0.1 via:

  • To upgrade on PC, open Firefox and click ‘About’ and select ‘Restart and Update Firefox.’
  • To upgrade on Mac, open Firefox and click ‘Options’, ‘Firefox Updates or Options’, ‘Advanced’, ‘Update to update Firefox.’

Critical Security Flaw Found in Firefox

The US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency have advised all Mozilla Firefox users to urgently update their browser versions, following discovery of a vulnerability that grants potential access to the operating system.

The unusual warning comes after Mozilla itself admitted being aware of ‘targeted attacks in the wild abusing this flaw.’

Security loopholes in major platforms are usually closed before criminals are able to exploit them on mass, but this latest admission raises the ‘security advisory’ notice to ‘critical’ status.

Users should upgrade their browser to at least version 72.0.1 on PC/Mac – mobile versions are thought to be unaffected.

  • To upgrade on PC, open Firefox and click ‘About’ and select ‘Restart and Update Firefox.’
  • To upgrade on Mac, open Firefox and click ‘Options’, ‘Firefox Updates or Options’, ‘Advanced’, ‘Update to update Firefox.’

Discovered by Chinese security company Qihoo 360 just two days following the release of Firefox’s previous update, the US Government ‘encourages users and administrators…. To apply the necessary updates.’

 

For IT Support and cybersecurity expertise, please contact Lineal today.


Firefox Quantum is fast (really fast.)

Firefox Quantum has been released to the world, in Mozilla’s biggest browser release since 2004.

Mozilla’s newest version of their flagship open-source browser project is by far the fastest ever version, with a visibly quicker, crisp style and 30% less memory usage than Chrome. In a subtle nod to Microsoft Edge’s fading promise, the project claims the new Browser will be fast ‘For Good.’

Lineal’s team have been impressed by how jaw-dropingly quick the new browser is. Strip back the home screen to nothing but a search bar and jumping to your first optimised web-page is like turning the page of a book – the kind of responsiveness Google say they want to one day achieve with Chrome.

And Firefox must stand up to Chrome. Google’s own web-browser has become the closest thing to an internet standard since competition rules finally punctured Internet Explorer’s dominance in the mid 2000s.

Chrome’s flat-packaged browser now accounts for around 60% of all normal web use, and increasingly eclipses major rivals like Firefox, Microsoft Edge, and Safari. This level of conformity may be unhelpful – just as Microsoft’s old defacto-monopoly of the browser market arguably prevented Internet Explorer from developing, to the detriment of web users, so Google Chrome’s dominance needs to be challenged. If not by Firefox, then whom?

Not comprehensively challenged, sadly: Firefox Quantum moves Mozilla from using Yahoo! search by default, to using Google, where the search giant is even further ahead. Mozilla will also inevitably fall far behind Google on mobile, where it runs on under 1% of devices thanks in part to Google’s own development of the Android platform.

Nevertheless a super-fast, community-driven browser for the future of the Internet (even on desktop) really is a breath of fresh air.

Firefox Quantum is available from the non-profit Mozilla’s website for Windows, Mac and Linux.

 

For IT Support and expertise – contact our team today: 01271 375999