The Mozilla Foundation has released Firefox 87 that introduces a new feature ‘SmartBlock for Private Browsing’ along with security fixes for two High risk vulnerabilities.
An attacker could exploit these vulnerabilities to take control of impacted systems.
The latest Firefox 87 includes a number of bug fixes, security patches and new feature called SmartBlock, a new “intelligent tracker blocking mechanism for Firefox Private Browsing and Strict Mode.” SmartBlock adds strong privacy protections for Firefox users and also helps improve browsing experience.
“SmartBlock does this by providing local stand-ins for blocked third-party tracking scripts. These stand-in scripts behave just enough like the original ones to make sure that the website works properly. They allow broken sites relying on the original scripts to load with their functionality intact,” Mozilla wrote in a blog post.
In addition, Firefox 87 fixed the following High severity vulnerabilities as part of Mozilla Foundation Security Advisory 2021-10:
- CVE-2021-23981: Texture upload into an unbound backing buffer resulted in an out-of-bound read.
- CVE-2021-23987: Memory safety bugs fixed in Firefox 87 and Firefox ESR 78.9.
Mozilla warned that the memory safety vulnerability (CVE-2021-23987) could lead to memory corruption and be exploited to run arbitrary code. To add, Mozilla also patched four Medium and two Low risk vulnerabilities.
Finally, Mozilla also addressed vulnerabilities in Firefox ESR 78.9 and Thunderbird 78.9.