Mozilla Ups Security, Tracking Protection in Firefox 43
The new open-source browser release patches 16 different security advisories as the 64-bit Windows edition debuts.Mozilla came out today with its open-source Firefox 43 browser release, giving users a number of security enhancements and patching vulnerabilities. The Firefox 43 release is likely the last Mozilla Firefox release for 2015 and follows the Firefox 42 release that debuted on Nov. 2. A key feature that debuted in the Firefox 42 release is Tracking Protection, which is being further enhanced in the new Firefox 43 release. In Firefox 42, Tracking Protection blocked some forms of tracking content that came from advertising and analytics platforms. With Firefox 43, Tracking Protection is now being extended to block trackers that are found in embedded content such as video and photos. "We're seeing early positive feedback [on the Tracking Protection feature] and will continue to gather input as we develop the feature," Denelle Dixon-Thayer, chief legal and business officer at Mozilla, told eWEEK. Tracking Protection isn't the only area of security hardening in Firefox 43. There is a also a patch that supports what is known as Subresource Integrity (SRI), which is a technology that allows Websites to ensure that their dependencies can't attack their users.
"Without SRI, if a page on Site A includes a script from another Site B, the page expects Site B to send the legitimate script, but it has no guarantee—Site B could just as well provide a malicious script," Richard Barnes, Firefox security lead at Mozilla, told eWEEK. "SRI allows Site A to ensure that only legitimate content will be accepted from Site B."
Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.