Security News
Mozilla has slowed the rollout of Firefox 82 just two days after its release due to printing bugs and crashes in the new version. Mozilla Firefox 82 was released on October 20th, with only a few improvements in performance and its Picture-in-Picture feature.
Mozilla has slowed the rollout of Firefox 82 just two days after its release due to printing bugs and crashes in the new version. Mozilla Firefox 82 was released on October 20th, with only a few improvements in performance and its Picture-in-Picture feature.
Mozilla released Firefox 81.0.2 today, October 13th, 2020, to the Stable desktop channel for Windows, macOS, Linux, and Android with a fix for a known issue preventing Twitter's website from loading. The issue affecting a large number of Firefox users caused the web browser to display blank pages or errors instead of loading Twitter pages on both desktop and mobile devices.
Mozilla published a support document with a quick fix for a widely reported known issue causing Twitter not to load on the Firefox web browser. According to a bug Mozilla has been tracking and working on fixing for the last 20 days, some users might see blank pages or errors when trying to visit the social network's website, with some reports also saying that the issue also affects mobile users.
Mozilla patched high-severity vulnerabilities with the release of Firefox 81 and Firefox ESR 78.3, including several that could be exploited to run arbitrary code. Firefox ESR is a Firefox version that's based on an official release for desktop, for use by organizations who need extended support for mass deployments.
A vulnerability in Firefox for Android paves the way for an attackers to launch websites on a victim's phone, with no user interaction. "Instead of providing the location of an XML file describing a UPnP device, an attacker can run a malicious SSDP server that responds with a specially crafted message pointing to an Android intent URI. Then, that intent will be invoked by the Firefox application itself."
A vulnerability identified in Firefox for Android could have been exploited to remotely open arbitrary websites on a targeted user's phone without the need to click on links, install malicious applications, or conduct man-in-the-middle attacks. The flaw was discovered by researcher Chris Moberly in version 68 of Firefox for Android.
Mozilla is decommissioning Firefox Send and Firefox Notes, two legacy services that emerged out of the Firefox Test Pilot program. Firefox Send, the browser maker reveals, is being discontinued because it has been abused for delivering malware and phishing attacks.
Dear Android users, if you use the Firefox web browser on your smartphones, make sure it has been updated to version 80 or the latest available version on the Google Play Store. Discovered originally by Australian security researcher Chris Moberly, the vulnerability resides in the SSDP engine of the browser that can be exploited by an attacker to target Android smartphones connected to the same Wi-Fi network as the attacker, with Firefox app installed.
Mozilla announced on Thursday that it has expanded its bug bounty program with a new category that focuses on bypass methods for the exploit mitigations, security features and defense-in-depth measures in Firefox. Mozilla says mitigation bypasses have until now been classified as low- or moderate-severity issues, but they are now eligible for a reward associated with a high-severity flaw as part of the new Exploit Mitigation Bug Bounty.