Mozilla News, Articles and Updates

Mozilla patches unsanitised output flaw in Firefox

Mozilla patched an unsanitised output flaw in its Firefox browser user interface that could lead to arbitrary code execution.

It's all gravy for the onion router as Tor Browser beefs up security

Tor Browser 7.5 has been released this week complete with a bunch of security fixes that have already been rolled out to the Firefox Extended Support Release (ESR) 52.6 client it is built upon.

Mozilla patches one critical, two high flaws in Thunderbird

Mozilla issued a series of security updates for Thunderbird 52.5.2 that included a critically rated buffer overflow issue that could lead to a crash if exploited.

Firefox Mr Robot ad looks like malware to users

Mozilla scared - or at least upset - several of its users with the unannounced addition of a Firefox new plug-in, Looking Glass, to promote the USA Network hacker show Mr Robot.

MailSploit bugs let spoofed emails bypass DMARC, spam detectors

A collection of vulnerabilities dubbed Mailsploit, found by German security researcher Sabri Haddouche in 30 types of email client applications - from Apple Mail to Mozilla Thunderbird - lets hackers bypass anti-spoofing mechanisms.

Mozilla patches critical flaws in Firefox 57.0.1 update

Mozilla released a security update to address critical vulnerabilities in Firefox 57 which could allow a remote attacker to take control of an affected system.

Mozilla looses trust in Dutch Certs, raises wider concerns in industry

Dutch moves to strengthen the powers of its state authorities leads Mozilla to propose excluding Dutch CAs from its trust list - could form part of a wider undermining of trust in the Internet

Mozilla patches three critical issues in Thunderbird and Firefox

Mozilla issued a security update stating that the newly released Thunderbird 52.4 , Firefox 56 and Firefox ESR 52.4 patch 10 vulnerabilities, two rated critical, five high and three moderate found in earlier iterations of the software.

Mozilla issues five critical patches for Firefox and Firefox ESR

Mozilla issued two security advisories covering Firefox and Firefox ESR that between them contain 33 security patches, five rated as critical.

Mozilla fixes critical vulnerabilities in Firefox browser and Extended Support Release

Mozilla has issued security advisories announcing key updates to its Firefox browser and the Firefox Extended Support Release, both of which fixed vulnerabilities that the open-source developer labeled as critical.

Windows accelerates SHA-1 deprecation

Microsoft is set to bring the date after which its Windows browsers will no longer accept SHA-1 to the middle of next year after new research has shown the cryptographic hash function to be even more vulnerable than previously thought.

Mozilla may reject SHA-1 certificates six months early

Mozilla has stepped up pressure on enterprise companies that continue to use SHA-1 certificates after research last month demonstrated the algorithm could be broken in as little as three months.