Firefox Browser Gets Security Update

Monday, April 24, 2017 @ 04:04 PM gHale


Mozilla released Firefox 53 update last week, introducing a new browser engine and patching 39 vulnerabilities in the open-source web browser.

The new browser technology in Firefox 53 is known as Project Quantum and is a multipart effort to accelerate and improve the web browsing experience for users. The Project Quantum component included in Firefox 53 is known as the Quantum Compositor, which helps reduce the number of browser crashes due to graphics issues.

RELATED STORIES
Security Updates for Tor Browser
Chrome Updated with Security Fixes
Firefox Zero Day Mitigated
Tor Browser 6.5 Update Releases

With the Quantum Compositor, graphics rendering is now done separately from the main Firefox process. Mozilla’s early testing for the Quantum Compositor found it reduces the number of browser crashes by 10 percent.

In addition to the browser improvements, Mozilla patched 39 security vulnerabilities in the Firefox 53 update. Of those 39 vulnerabilities, Mozilla rated seven of them as critical.

As with nearly all Firefox updates, one of the critical vulnerability updates deals with memory safety bugs.

Among the other critical vulnerabilities patched in Firefox 53, two are use-after-free memory vulnerabilities (CVE-2017-5435 and CVE-2017-5433). Two other critical vulnerabilities are out-of-bounds memory errors (CVE-2017-5436 and CVE-2017-5461), plus a critical buffer overflow issue (CVE-2017-5459) ended up patched.

Beyond the critical issues that Mozilla fixed, it also patched three sandbox escape issues (CVE-2017-5454, CVE-2017-5455 and CVE-2017-5456) in Firefox 53 rated as having high impact. The Firefox sandbox is intended to restrict the ability of a given process to access areas of a system outside of the process sandbox.

Firefox 53 also introduces two new user interface themes. The Compact Light theme provides users with a more compact, smaller user interface using the default Firefox color scheme. The Compact Dark theme also has a compact user interface, but it provides a darker color scheme for night browsing.



Leave a Reply

You must be logged in to post a comment.