Firefox 79 Brings Enhanced Tracking Protection 2.0 and Many Bug Fixes
Last updated September 24, 2021
- Firefox 79 has landed, and it’s an important release that fixes four high impact security flaws.
- The German audience will now get “Pocket recommendations,” and those using screen-reading assistants will see many improvements.
- The latest version of Mozilla’s browser is also bringing “Enhanced Tracking Protection 2.0”.
Mozilla has released Firefox 79.0, and it’s a bug-fixing release that is mostly fixing things here and there. The most notable upgrade is the second major version of the in-built tracking protection system, which adds stricter protection features against unwanted first-party cookies, clears them automatically every day, and keeps only those that the user interacted with.
Those will be kept for 45 days unless the user interacts with them again, and action that would reset the timer. That alone makes version 79 more powerful against invasive tracking, so users have a compelling reason to upgrade.
Related: Firefox 69 Brings Tracking Protection, and DoH is the Next Step Now
Apart from that, Mozilla continues the roll-out of the “WebRender” to more Windows users sporting Intel and AMD graphic units, essentially improving the browser’s performance for an even wider audience. Also, “Pocket” recommendations (popular news articles) will now cover the German audience, too, following the initial support for U.S., Canada, and the U.K.
Screen reader enhancements, JAWS crash fixes, and correct label displaying on SVG title and description elements when using assistive tech products have also been implemented on Firefox now.
And then there are the security features and bug fixes, which is the main point of version 79. Enterprise admins are now given the option to set a policy to require a “primary password” (master).
As for the bugs that have been squashed, the most noteworthy are the following:
- CVE-2020-15652 (high impact): Potential leak of redirect targets when loading scripts in a worker
- CVE-2020-15659 (high impact): Memory safety bugs fixed in Firefox 79
- CVE-2020-6514 (high impact): WebRTC data channel leaks internal address to peer
- CVE-2020-15655 (high impact): Extension APIs could be used to bypass Same-Origin Policy
- CVE-2020-15653 (moderate impact): Bypassing iframe sandbox when allowing popups
- CVE-2020-6463 (moderate impact): Use-after-free in ANGLE gl::Texture::onUnbindAsSamplerTexture
- CVE-2020-15656 (moderate impact): Type confusion for special arguments in IonMonkey
- CVE-2020-15658 (low impact): Overriding file type when saving to disk
- CVE-2020-15657 (low impact): DLL hijacking due to incorrect loading path
- CVE-2020-15654 (low impact): Custom cursor can overlay user interface
Finally, Mozilla gave developers some love as well with this release, introducing Console improvements, better JavaScript error visibility, empowering the “Inspector” with higher levels of reliability when opening SCSS sources, and making async code event tracing more insightful.
Related
Get expert insights on threats, breaches, scams, and security trends — delivered every Monday.
Most Popular
Get expert insights on threats, breaches, scams, and security trends — delivered every Monday.
Most Popular