Firefox 89 update fixes several vulnerabilities
The update fixes nine security vulnerabilities with five identified as high risk.
Mozilla has released the new version 89.0 of the Firefox browser. The update eliminates some security vulnerabilities. Users should install the update quickly because of the vulnerabilities that have been fixed.
The update to Firefox 89.0 fixes nine security vulnerabilities with at least five of which are identified as high risk. Some might be useful for injecting and executing code. The first vulnerability (CVE-2021-29965) in Mozilla's security report MFSA2021-23 only affects Firefox for Android. The password manager can be tricked by manipulated websites. The remaining six vulnerabilities are classified as medium or low risk.
With the Firefox ESR 78.11.0 update, the Mozilla developers had fewer vulnerabilities to fix than in Firefox 89. Only one vulnerability also affects the ESR branch. In addition, there are a few internally discovered vulnerabilities, some of which may be suitable for executing injected code. In contrast to Firefox 89, Firefox ESR 78.x keeps the old design.
The Tor Browser based on Firefox ESR is not yet available in a new version. This should happen soon. This also applies to Mozilla's email software Thunderbird 78.11.0.
You can read more about the new version 89.0 in the Release Notes.
If you have already installed Firefox, it is best to use the update function integrated in Firefox. This will automatically provide you with the update Firefox 89.0 as soon as it is available for your Firefox.