The Mozilla developers have updated to the new versions of the web browser Firefox 122, the long-term support version Firefox ESR 115.7 and the Thunderbird email program to version 115.7 as planned. While the ESR version only corrects security errors, Firefox 122 and Thunderbird have some new functions and other error corrections.

Firefox 122 finally supports passkeys. The browser relies on the operating system functions for storage and management, for example the Apple keychain (iCloud Keychain) and Windows Hello. The new support becomes visible in the browser settings under passwords. There is now a shortcut to the Windows system settings for managing passkeys.

New Firefox 122

The Release Notes for Firefox 122 list improvements that fix annoying problems. The integrated local translation recently delivered rather disappointing results, but the developers now want to have significantly improved and stabilized this. Firefox now also shows preview images and descriptions of the search engine for search suggestions when entering search terms.

Mozilla has taken over the company FakeSpot and has now moved its AI to check reviews on shopping portals into the web browser - this was already announced for version 119. After calling about:config, the option browser.shopping.experience2023.enabled can be set to true.

The handling of line breaks in web content has been adapted to the Unicode standard. For East and Southeast Asian users, double-click word selection works as expected in Chinese, Japanese, Burmese, Lao, Khmer, and Thai. Linux users also receive the additional offer of a Debian-based installation package (.deb) maintained by the manufacturer, which can be used under Debian and offshoots such as Ubuntu or Linux Mint.

New Thunderbird 115.7

The Release Notes for Thunderbird 115.7, however, list many small bug fixes. For example, when mail accounts were collapsed, the number of unread messages was not displayed. Canceling the sending of messages via SMTP before the 100 percent mark was reached did not stop sending. OpenPGP dialogs were too small for the content and therefore only partially displayed it. Many other corrections are mentioned in the release notes.

Security Fixes

The developers are also closing numerous security gaps in Firefox and Thunderbird. In total, Firefox has 122 patches against 15 security leaks. Five gaps therefore represent a high risk and ten a medium risk. According to the Mozilla programmers' security announcement, the high-risk gaps lead to potentially exploitable crashes when displaying crafted websites that call up the ANGLE graphics engine or during the negotiation of TLS connections. A gap in JavaScript could therefore be clearly misused by the developers for code smuggling through manipulated websites.

There were nine security vulnerabilities in Thunderbird. The developers classify two of these as high threats and seven as medium. They partially overlap with the vulnerabilities fixed in Firefox 122 and also allow code to be inserted, for example by calling the ANGLE interface.

Anyone who uses Firefox or Thunderbird should therefore ensure that they are using the latest version of the software. The version currently used is displayed in the version dialog, which opens after clicking on the symbol with the three stacked lines to the right of the address bar and then selecting "Help" - "About Firefox" or "About Thunderbird". He also carries out the update and then offers the necessary restart of the software to activate the changes.