Security News > 2022 > May > Firefox out-of-band update to 100.0.1 – just in time for Pwn2Own?
Late last week, our Slackware Linux distro announced an update to follow the scheduled-and-expected Firefox 100 release, which came out at the start of the month.
The blog article, entitled Improved Process Isolation in Firefox 100, actually came out the day before the 100.0.1 release was uploaded to the FTP server, as though the changes were already accomplished in the 100.0 release.
The Improved Process Isolation report describes a long-running series of changes in Firefox that aim to take advantage of a Windows security setting known long-windedly as PROCESS MITIGATION SYSTEM CALL DISABLE POLICY. This isn't a new security feature - it arrived in Windows 8 - but it's not a mitigation that you can trivially apply to visual, interactive, graphics-rendering products such as browsers.
Firefox already splits itself into many separate processes, so that if the browser goes haywire in one tab, the compromised code doesn't immediately have access to the same memory space as all the other tabs.
You don't need to do anything, though we sympathise if you were confused by seeing reports that Firefox 100.0.1 was officially available, only to find that it won't show up as an official update until Monday 2022-05-16 at the earliest.
If you want to update ahead of the majority, you can download 100.0.1 from Mozilla's FTP server and deploy it yourself, instead of waiting until Firefox's internal update mechanism decides it's time.