Firefox 87 update fixes security vulnerabilities
Mozilla has released the new browser versions Firefox 87.0 and Firefox ESR 78.9.0 and the developers fixed several security vulnerabilities.
The new Firefox 87.0 is available for download and is being distributed as an update via the integrated update functionality.
The Mozilla Security Advisory MFSA-2021-10 lists six vulnerabilities that have been discovered and reported by external security researchers. Mozilla does not classify any of these vulnerabilities as critical and one is considered a high risk. It affects textures uploads into a buffer which could confuse the WebGL code and result in exploitation.
Firefox 87 introduces new SmartBlock for Private Browsing
Mozilla also continues to work on privacy improvements. In Firefox 87, the developers introduce SmartBlock to increase privacy protection for Private Browsing and the Strict Mode. It blocks external scripts and images that can be used to track users. Some websites may now not work properly anymore, so Firefox 87 uses replacement scripts to fix up these broken web pages.
Firefox 87 also cuts off path information and the so-called query strings from the HTTP referrer. All that remains is the base URL of the website. This prevents user data from being transmitted to other websites.
The Firefox internal about:config page offers configuration options for advanced users. Firefox 87 now offers a new option Show changed settings only. This allows you to track down changes that you have made yourself faster.
The vulnerabilities mentioned above have also been eliminated in Firefox ESR 78.9.0. The Tor Project has not yet received an update, but should follow soon.
If you have already installed Firefox, it is best to use the update function integrated in Firefox. This will automatically provide you with the update Firefox 86.0 as soon as it is available for your Firefox.