Firefox 85 Comes with Supercookie Protection

Firefox 85 Comes with Supercookie Protection

Firefox 85 comes with enhanced privacy protection by fighting against stealthy cookies, a.k.a. supercookies and fixes critical security bugs, amongst other features.

Firefox 85 Comes with Supercookie Protection: Firefox, the privacy oriented open source web browser, has released version 85 with enhanced privacy features and security updates. The new release protects users from supercookies, enhances removal of saved logins with one click, and fixes critical security bugs. The latest release also does not support Adobe Flash any more as Adobe Flash has officially reached end of life on January 2021.

What Is Firefox?

Mozilla Firefox, or Firefox shortly, is a privacy oriented, free and open source web browser developed by the Mozilla Foundation. Created by Dave Hyatt and Blake Ross as an experimental branch of the Mozilla browser, it was first released on November 9, 2004, as Firefox 1.0.

With a 3.77% market share, following Chrome (63.38%) and Safari (19.25%), Firefox is the the third most frequently used web browser currently. Since Firefox is considered one of the most secure browser with its top privacy features, it is also used as the base browser of Tor Browser.

What Is New?

The changes in this version include:

Supercookie Protection

Firefox automatically blocks cookies from known trackers since 2018, in an effort to fight against online tracking and adtech companies. Additionally, it automatically blocks browser fingerprinting scripts from known sources, starting with its Firefox 72 release on January, 2020.

With Firefox 85, Mozilla enhances user privacy protection further by fighting against stealthy cookies, a.k.a. super cookies. Super cookies can store user identifiers just as normal cookies. However, they are comparatively much more difficult to detect and to delete as they stay hidden in the obscure parts of the browsers, such as Flash storage, ETags, HSTS flags etc.

In an attempt to render super cookies useless, Firefox 85 simply isolates caches and network connections for each visited website, rather than detecting and removing them. With this additional security mechanism implemented, cross-site tracking is blocked effectively, though trackers can still abuse caches to create supercookies.

Quote by Martina Navratilova
Quote by Martina Navratilova

Security used to be an inconvenience sometimes, but now it’s a necessity all the time.

Martina Navratilova

Read more educational and inspirational cyber quotes at our page 100+ Best Cyber Security & Hacker Quotes.

One Click Removal of Saved Logins

As with the other major web browsers, Firefox offers a built-in password manager to securely store usernames and passwords used to access websites and to automatically fill them in the next time the websites visited.

In an effort to enhance the usability of the built-in password manager, Firefox 85 adds a feature to allow users to remove all of saved logins with one click, as opposed to deleting each login individually.

Security Fixes

Firefox 85 also fixes multiple security vulnerabilities listed below. CVE-2021-23964 and CVE-2021-23965 are the most severe ones amongst the fixed vulnerabilities as they could lead to Remote Code Execution (RCE) attacks due to memory corruption flaws.

  • CVE-2021-23953 Cross-origin Information Leakage via Redirected PDF Requests
  • CVE-2021-23954 Type Confusion When Using Logical Assignment Operators in JavaScript Switch Statements
  • CVE-2021-23955 Clickjacking Across Tabs Through Misusing requestPointerLock
  • CVE-2021-23956 Disclose a Complete Directory via File Picker Dialog
  • CVE-2021-23957 Iframe Sandbox Bypass on Android via the Intent URL Scheme
  • CVE-2021-23958 Screen Sharing Permission Leaked Across Tabs
  • CVE-2021-23959 Cross-Site Scripting in Error Pages on Firefox for Android
  • CVE-2021-23960 Use-After-Poison for Incorrectly Declared JavaScript Variables During GC
  • CVE-2021-23961 Probe Internal Network Hosts
  • CVE-2021-23962 Use-After-Poison in <code>nsTreeBodyFrame::RowCountChanged</code>
  • CVE-2021-23963 Permission Prompt Inaccessible After Asking for Additional Permissions
  • CVE-2021-23964 Memory Safety Bugs
  • CVE-2021-23965 Memory Safety Bugs

How To Download or Update Your Firefox?

You can download Mozilla Firefox from Mozilla’s official downloads page.

If you have a currently installed Firefox Browser, it will automatically update to the latest release with the next restart of the browser. Or, you can manually update your Firefox Browser by going to Options >> Help >> About Firefox.

To read more about the features of the new release of Mozilla Firefox, you can visit the official Mozilla Firefox Release webpage.

You could also read our popular articles What is a Security Vulnerability? or What is Vulnerability Scanning?