In accordance with the Mozilla Manifesto, which emphasizes the open development of policy that protects users’ privacy and security, we have worked with the Mozilla community over the past several & Read more

The post Upgrading Mozilla’s Root Store Policy to Version 2.8 appeared first on Mozilla Security Blog.

https://blog.mozilla.org/security/2022/05/23/upgrading-mrsp-to-v-2-8/

In our continued efforts to improve the security of the web PKI, we are taking a multi-pronged approach to tackling some long-existing problems with revocation of TLS server certificates. In & Read more

The post Revocation Reason Codes for TLS Server Certificates appeared first on Mozilla Security Blog.

https://blog.mozilla.org/security/2022/05/16/revocation-reason-codes-for-tls-server-certificates/

  For decades users have been pressing Ctrl+C or relying on copy buttons. All these tricks and shortcuts to speed up text processing have become natural and intuitive to us. & Read more

The post Preventing secrets from leaking through Clipboard appeared first on Mozilla Security Blog.

https://blog.mozilla.org/security/2021/12/15/preventing-secrets-from-leaking-through-clipboard/

In keeping with our commitment to the security and privacy of individuals on the internet, Mozilla is increasing our oversight and adding automation to our compliance-checking of publicly trusted intermediate & Read more

The post Improving the Quality of Publicly Trusted Intermediate CA Certificates with Enhanced Oversight and Automation appeared first on Mozilla Security Blog.

https://blog.mozilla.org/security/2021/12/09/improved-quality-of-intermediate-certificates-with-enhanced-oversight-and-automation/

Add-ons are a powerful way to extend and customize Firefox. At Mozilla, we are committed not only to supporting WebExtensions APIs, but also ensuring the safety and reliability of the & Read more

The post Securing the proxy API for Firefox add-ons appeared first on Mozilla Security Blog.

https://blog.mozilla.org/security/2021/10/25/securing-the-proxy-api-for-firefox-add-ons/

We are happy to announce that the Firefox 93 release brings two exciting privacy improvements for users of Strict Tracking Protection and Private Browsing. With a more comprehensive SmartBlock 3.0, & Read more

The post Firefox 93 features an improved SmartBlock and new Referrer Tracking Protections appeared first on Mozilla Security Blog.

https://blog.mozilla.org/security/2021/10/05/firefox-93-features-an-improved-smartblock-and-new-referrer-tracking-protections/

  Downloading files on your device still exposes a major security risk and can ultimately lead to an entire system compromise by an attacker. Especially because the security risks are & Read more

The post Firefox 93 protects against Insecure Downloads appeared first on Mozilla Security Blog.

https://blog.mozilla.org/security/2021/10/05/firefox-93-protects-against-insecure-downloads/

As part of our continuing work to ensure that Firefox provides secure and private network connections, it periodically becomes necessary to disable configurations or even entire protocols that were once & Read more

The post Securing Connections: Disabling 3DES in Firefox 93 appeared first on Mozilla Security Blog.

https://blog.mozilla.org/security/2021/10/05/securing-connections-disabling-3des-in-firefox-93/

To provide transparency into our ongoing efforts to protect your privacy and security on the Internet, we are releasing a security audit of Mozilla VPN that Cure53 conducted earlier this & Read more

The post Mozilla VPN Security Audit appeared first on Mozilla Security Blog.

https://blog.mozilla.org/security/2021/08/31/mozilla-vpn-security-audit/

We are pleased to announce a new, major privacy enhancement to Firefox’s cookie handling that lets you fully erase your browser history for any website. Today’s new version of Firefox & Read more

The post Firefox 91 Introduces Enhanced Cookie Clearing appeared first on Mozilla Security Blog.

https://blog.mozilla.org/security/2021/08/10/firefox-91-introduces-enhanced-cookie-clearing/

  We are excited to announce that, starting in Firefox 91, Private Browsing Windows will favor secure connections to the web by default. For every website you visit, Firefox will & Read more

The post Firefox 91 introduces HTTPS by Default in Private Browsing appeared first on Mozilla Security Blog.

https://blog.mozilla.org/security/2021/08/10/firefox-91-introduces-https-by-default-in-private-browsing/

  Starting with version 90, Firefox will automatically find and offer to use client authentication certificates provided by the operating system on macOS and Windows. This security and usability improvement & Read more

The post Making Client Certificates Available By Default in Firefox 90 appeared first on Mozilla Security Blog.

https://blog.mozilla.org/security/2021/07/28/making-client-certificates-available-by-default-in-firefox-90/

  The File Transfer Protocol (FTP) has long been a convenient file exchange mechanism between computers on a network. While this standard protocol has been supported in all major browsers & Read more

The post Stopping FTP support in Firefox 90 appeared first on Mozilla Security Blog.

https://blog.mozilla.org/security/2021/07/20/stopping-ftp-support-in-firefox-90/

Today, with the launch of Firefox 90, we are excited to announce a new version of SmartBlock, our advanced tracker blocking mechanism built into Firefox Private Browsing and Strict Mode. & Read more

The post Firefox 90 introduces SmartBlock 2.0 for Private Browsing appeared first on Mozilla Security Blog.

https://blog.mozilla.org/security/2021/07/13/smartblock-v2/

  We are pleased to announce that Firefox 90 will support Fetch Metadata Request Headers which allows web applications to protect themselves and their users against various cross-origin threats like & Read more

The post Firefox 90 supports Fetch Metadata Request Headers appeared first on Mozilla Security Blog.

https://blog.mozilla.org/security/2021/07/12/firefox-90-supports-fetch-metadata-request-headers/

Mozilla offers GPG signing to let you verify the integrity of our Firefox builds. GPG signatures for Linux based builds are particularly important, because it allows Linux distributions and other & Read more

The post Updating GPG key for signing Firefox Releases appeared first on Mozilla Security Blog.

https://blog.mozilla.org/security/2021/06/02/updating-gpg-key-for-signing-firefox-releases/

At Mozilla, we believe that your right to privacy is fundamental. Unfortunately, for too long cookies have been used by tracking companies to gather data about you as you browse & Read more

The post Firefox 89 blocks cross-site cookie tracking by default in private browsing appeared first on Mozilla Security Blog.

https://blog.mozilla.org/security/2021/06/01/total-cookie-protection-in-private-browsing/

Your personal data is yours  and it should remain yours! Unfortunately data breaches that reveal your personal information on the internet are omnipresent these days. In fact, fraudulent use & Read more

The post Updates to Firefoxs Breach Alert Policy appeared first on Mozilla Security Blog.

https://blog.mozilla.org/security/2021/05/25/updates-to-firefoxs-breach-alert-policy/

When two major vulnerabilities known as Meltdown and Spectre were disclosed by security researchers in early 2018, Firefox promptly added security mitigations to keep you safe. Going forward, however, it & Read more

The post Introducing Site Isolation in Firefox appeared first on Mozilla Security Blog.

https://blog.mozilla.org/security/2021/05/18/introducing-site-isolation-in-firefox/

We have been alerted about applications that use the root store provided by Mozilla for purposes other than what Mozilla’s root store is curated for. We provide a root store & Read more

The post Beware of Applications Misusing Root Stores appeared first on Mozilla Security Blog.

https://blog.mozilla.org/security/2021/05/10/beware-of-applications-misusing-root-stores/