Mozilla release an emergency update for Firefox 32.0 on September 24th, 2014 with Firefox 32.0.3. This release addressed these issues: MFSA 2014-73: RSA Signature Forgery in NSS Please see the release notes for full details. Depending on update settings, users will be prompted to update to version 32.0.3 or can do so via Help > About Firefox or going to getfirefox.com where they can download and manually install the latest version of Firefox. The next planned release will be Firefox 33 on October 14, 2014.
Security
Read More
Now, for whatever reason I have not seen any reference to this new feature (or annoyance as Mozilla makes it rather difficult to allow the download if you understand the risks) in the Firefox 32.x release notes. From the Mozilla Security Blog: Until recently, we only had access to lists of reported malicious web sites, now the Safe Browsing service monitors malicious downloaded files too. The latest version of Firefox (as of July 22) will protect you from more malware by comparing files you download against these lists of malicious files, and blocking them from infecting your system. The next version of Firefox…
Mozilla release an emergency update for Firefox 32.0 on September 12th, 2014 with Firefox 32.0.1. This release addressed these bugs: Stability issues for computers with multiple graphics cards Mixed content icon may be incorrectly displayed instead of lock icon for SSL sites WebRTC: setRemoteDescription() silently fails if no success callback is specified Please see the release notes for full details. Depending on update settings, users will be prompted to update to version 32.0.1 or can do so via Help > About Firefox or going to getfirefox.com where they can download and manually install the latest version of Firefox. The next planned release will…
Mozilla release the next update for Firefox with Firefox 30.0 on June 10th, 2014. This update includes a couple new features: Sidebars button in browser chrome enables faster access to social, bookmark, & history sidebars Mac OS X command-E sets find term to selected text There were several fixes included in this update and those can be found in the Release Notes. Depending on update settings, users will be prompted to update to version 30 or can do so via Help > About Firefox or going to getfirefox.com where they can download and manually install the latest version of Firefox. The…
We have been told over and over and over again to use strong passwords. If you can remember your password then it is too weak. Because of this, many people use password vaults or password managers to store their super strong impossible to remember passwords. When they need to log into the site, they simply paste the password from their vault or use their password manager to fill-in the password field. Seems like a good security practice as the users have a very strong password…apparently not. Some sites are no longer allowing you to paste in your password (some may or…
Besides the UI overhaul aka Austrilas, Firefox 29 features a new and improved Firefox Sync. I didn’t really know what was so new about it since I had tried a long time ago to use it without much success. Turns out, Mozilla has made the sign-up as well as management processes a lot simpler now. This help article checks your user agent and will automatically direct you to Sync instructions based on what browser you are using. Reading through this article you will see the current method is very complicated and time consuming. Note: If you click the link in Firefox…
“Brendan Eich is the chief technology officer of the Mozilla Foundation, the non-profit behind the Firefox web browser. Among many other things, he oversees the Firefox security team — the software engineers who work to steel the browser against online attacks from hackers, phishers, and other miscreants — and that team is about to get bigger. Much, much bigger. … “ Source: Wired UK More Mozilla calls on users to protect Firefox from the NSA
Mozilla released the next update for Firefox Desktop users on Tuesday, December 10th. Firefox 26 included these updates: NEW All Java plug-ins are defaulted to ‘click to play’ Password manager now supports script-generated password fields Updates can now be performed by Windows users without write permissions to Firefox install directory (requires Mozilla Maintenance Service) Support for H.264 on Linux if the appropriate gstreamer plug-ins are installed CHANGED Support for MP3 decoding on Windows XP, completing MP3 support across Windows OS versions CSP implementation now supports multiple policies, including the case of both an enforced and Report-Only policy, per the spec DEVELOPER…
Finally after years of being held hostage by Macromedia/Adobe’s Flash Plugin, Firefox will no longer be dependent on this annoying and often times mischievous plugin to display Flash type content come Firefox 27 in early 2014. Mozilla developed Shumway, an open-source HTML5 competent starting back in early 2012 to replace the proprietary Flash (player) Plugin. via Geek.com
Searches in the Firefox in browser Add-ons Manager (Tools > Add-ons) will no longer return results for add-ons which are experimental or not “Fully Reviewed”. Fully reviewed add-ons meet all of our quality standards, while preliminarily [sic] reviewed add-ons only have to meet a lower standard, focused mostly on security and privacy. While Mozilla did make the reviews levels clear on the AMO site, the in browser add-ons manager did not show a distinction between Fully Reviewed and Experimental add-ons. As a result, users could unknowingly install an experimental add-ons when they believed they were installing a Fully Reviewed add-on….