Security News > 2021 > December > Latest Firefox 95 Includes RLBox Sandboxing to Protect Browser from Malicious Code

Mozilla is beginning to roll out Firefox 95 with a new sandboxing technology called RLBox that prevents untrusted code and other security vulnerabilities from causing "Accidental defects as well as supply-chain attacks."

All major browsers are designed to run web content in their own sandboxed environment as a means to counter malicious sites from exploiting a browser vulnerability to compromise the underlying operating system.

Firefox also implements Site Isolation, which loads each website separately in its own process and, as a result, blocks arbitrary code hosted on a rogue website from accessing confidential information stored in other sites.

RLBox "Minimizes the burden of converting Firefox to securely and efficiently use untrusted code."

RLBox aims to increase browser security by sandboxing third-party C/C++-language libraries that are vulnerable to attacks from interfering with the rest of the browser.

Mozilla noted that cross-platform sandboxing for Graphite, Hunspell, and Ogg is shipping in Firefox 95 across desktop and mobile versions of the browser, while Expat and Woff2 are expected to gain support for the feature in Firefox 96.

News URL

https://thehackernews.com/2021/12/latest-firefox-95-includes-rlbox.html