Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing

        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing

        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing

        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing

        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training

        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing

        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review

        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention

        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise

        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle

        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

I'VE BEEN BREACHED

Firefox 80 released with new and faster extensions blocklist

Firefox 80 released with new and faster extensions blocklist

Firefox 80 released with new and faster extensions blocklist

Mozilla has released Firefox 80 today, August 25th, 2020, to the Stable desktop channel for Windows, macOS, and Linux with new features, bug fixes, changes, enterprise improvements, and several security fixes.

The highlight of this release is that it enables Mozilla’s new add-ons blocklist designed to enhance the browser’s performance and scalability by lowering the time needed to parse the list when automatically disabling problematic Firefox extensions.

Firefox 80 also enables users to set it as their system’s default system PDF viewer and fixes several crashes that make the web browser more stable for screen reader users.

Windows, Mac, and Linux desktop users can upgrade to Firefox 80 by going to Options -> Help -> About Firefox and the browser will automatically check for the new update and install it when available.

Firefox 80

With the release of Firefox 80, all other Firefox development branches have also moved up a version bringing Firefox Beta to version 81 and the Nightly builds to version 82.

Firefox 81.0 Beta, the next release that Mozilla will promote to the stable branch, also adds support for “control media playback via hardware media keys on a keyboard or headset or virtual media control interface” and “smoother video playback and improved AV sync of 60 fps videos on macOS.”

You can download Firefox 80 from the following links:

If the links above haven’t yet been updated to download Firefox 80, you can also manually download it from Mozilla’s FTP release directory.

Below you can find the major changes and improvements in Firefox 80 — if you want to read the full release notes, you can do so here.

Firefox’s new add-ons blocklist

Mozilla has been blocking extensions causing stability or security issues with the help of a list of unsafe add-ons since at least 2008.

Starting with Firefox 80, the web browser will use a new and more scalable version of this blocklist which should lower the time Firefox needs to parse it.

“When we become aware of add-ons that go against user expectations or risk user privacy and security, we take steps to block them from running in Firefox using a mechanism called the add-ons blocklist,” Engineering Manager for Firefox Add-ons Stuart Colville said.

“One of the constraints of the previous blocklist was that it required parsing of a large number of regular expressions. Each Firefox instance would need to check if any of its user’s installed add-ons matched any of the regular expressions in the blocklist.

“As the number of blocks increased, the overhead of loading and parsing the blocklist in Firefox became greater. In late 2019, we began looking into a more efficient way for Firefox to determine if an add-on is blocked.”

Firefox disables extensions using three types of blocks, based on the severity of the issues it causes:

• Hard blocks disable an add-on and do not allow you to enable it or override the block (used when add-ons are found to be malicious.)
• Soft blocks disable an extension by default, but allow you to override and continue to use the add-on (issued for non-malicious add-ons.)
• Click-to-activate blocks disable a plugin by default, but allow you to enable the plugin for particular sites (issued for non-malicious plugins.)

The current list of blocked add-ons because of serious security, stability, or performance issues with Firefox is available here.

Other bug fixes, improvements, and developer changes

New:

  • Firefox can now be set as the default system PDF viewer.
  • The name reported by accessibility tools for items in multi-tiered tree controls no longer incorrectly includes information from items at deeper levels, providing users with the correct level of content when using a screen reader.

Fixed:

  • Several crashes while using a screen reader were fixed including a frequently encountered crash when using the JAWS screen reader.
  • Firefox Developer Tools received significant fixes allowing screen reader users to benefit from some of the tools that were previously inaccessible.
  • SVG title and desc elements (labels and descriptions) are now correctly exposed to assistive technology products such as screen readers.

Also read: 10 Simple and Useful Tips On Agreement Drafting Services

Changed:

  • For users with reduced motion settings, we’ve reduced a number of animations such as tab loading to reduce motion for users with migraines and epilepsy.
  • The new add-ons blocklist has been enabled to improve performance and scalability.

Enterprise:

  • A number of bug fixes and new policies have been implemented in the latest version of Firefox. You can see more details in the Firefox for Enterprise 80 Release Notes.
  • Today’s release is the final scheduled for Firefox 68 ESR (68.12) unless there is a critical security issue found prior to the release of Firefox ESR 78.3 on September 22, 2020. Users of Firefox 68 ESR will be automatically upgraded to the Firefox 78 ESR series with the release of 78.3.

Developer:

  • We’ve shipped an experimental sidebar panel in the inspector to Firefox Developer Edition that helps developers more quickly identify potential browser compatibility problems based on MDN data.
  • In the Network Monitor request list, a turtle icon is shown for “slow” requests that exceed a threshold for the waiting time.
  • Firefox now supports RTX and Transport-cc for improved call quality in poor network conditions and better bandwidth estimation. These features also provide better compatibility with many websites using WebRTC.

Security fixes

• CVE-2020-15663: Downgrade attack on the Mozilla Maintenance Service could have resulted in escalation of privilege

• CVE-2020-15664: Attacker-induced prompt for extension installation

• CVE-2020-12401: Timing-attack on ECDSA signature generation

• CVE-2020-6829: P-384 and P-521 vulnerable to an electro-magnetic side channel attack on signature generation

• CVE-2020-12400: P-384 and P-521 vulnerable to a side channel attack on modular inversion

• CVE-2020-15665: Address bar not reset when choosing to stay on a page after the beforeunload dialog is shown

• CVE-2020-15666: MediaError message property leaks cross-origin response status

• CVE-2020-15667: Heap overflow when processing an update file

• CVE-2020-15668: Data Race when reading certificate information

• CVE-2020-15670: Memory safety bugs fixed in Firefox 80 and Firefox ESR 78.2

Also read: 7 Principles of Personal Data Processing

0 Comments

Let us help you out.

Grab your free consultation NOW!

Privacy Ninja

Data Protection​

Cybersecurity

Support

Company

Locations

Singapore

7 Temasek Boulevard
#12-07, Suntec Tower One
Singapore 038987

Thailand

The Royal Place 1
2, 2/399 Mahatlek Luang 1 Alley, Lumphini, Pathum Wan, Bangkok 10330, Thailand



email-icon
Facebook Twitter Linkedin Youtube

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
TALK TO US
×

Hello!

Click one of our contacts below to chat on WhatsApp

Social Chat is free, download and try it now here!

× Chat with us