Mozilla has released Firefox 100.0.1 and, in addition to many fixes, it also brings improved process isolation for more security under Windows 10.
Download Mozilla Firefox 100.0.1
More security: Improved process isolation
With Firefox 100.0.1, Mozilla delivers improved process isolation, which prevents content processes from accessing the powerful win32k.sys API, which is a popular target for attacks. This requires Windows 10 with the Fall Creators Update (1709) or newer. Users of an older version of Windows 10 and Windows 8 will only be able to benefit from this with a future Firefox update. This protection is not technically possible for users of Windows 7, since Microsoft only introduced the requirements for this with Windows 8.
The fact that Mozilla released this improvement in an update out of the ordinary and didn’t wait for Firefox 101 is not surprising, given that this week the well-known Pwn2Own competition is taking place again, which is about uncovering security gaps in browsers, among other things, and himself Mozilla from the so-called Win32k Lockdown promises significant security benefits.
Incidentally, macOS users have already received a comparable improvement with Firefox 95. Since then, content processes no longer have access to the macOS WindowServer. And since Firefox 99, Linux users have been blocked from accessing the X Window System (X11).
Bug fixes in Firefox 100.0.1
Otherwise, Firefox 100.0.1 also brings various bug fixes for all platforms, including several bug fixes for the picture-in-picture (PIP) feature for videos. The subtitles feature for PIP already announced for Firefox 100, which Mozilla failed to enable for the final version of Firefox 100, is now available by default. As a reminder: On websites that support the WebVTT standard, as well as on the popular video and streaming platforms YouTube, Amazon Prime Video and Netflix, which use their own solution instead, Firefox can now display the subtitles of videos in picture-in -Show picture mode.
For web compatibility reasons, WebSockets over HTTP/2 have been disabled as the implementation in Firefox is buggy and can cause problems. In addition, the so-called user agent for a few more sites with poorly implemented User agent sniffing temporarily changed to Firefox 99. This affects the German Commerzbank, for example, where it was not possible to log into the bank account simply because the Firefox version number had three digits.
Also fixed a bug that caused untitled bookmarks to stop syncing.
Additionally, there were fixes for HDR video support on macOS introduced with Firefox 100, as well as for several crashes caused by third-party security software.
In addition, there were various corrections for the upcoming rollout of the so-called complete cookie protection in the standard configuration of Firefox. Introduced in Firefox 86, this privacy improvement is only active when Strict Tracking Protection is enabled.
#Firefox #brings #improved #process #isolation #bug #fixes