The Mozilla Foundation has released Firefox 72 with browser fingerprinting protections built in. In addition, the latest update also addresses 11 security vulnerabilities.
Last year, Mozilla added Enhanced Tracking Protection (ETP) to Firefox to protect users from cross-site tracking. Firefox 72 now comes with more enhanced privacy protections against browser fingerprinting, an invasive form of cross-site tracking.
“Firefox 72 protects users against fingerprinting by blocking all third-party requests to companies that are known to participate in fingerprinting. This prevents those parties from being able to inspect properties of a user’s device using JavaScript. It also prevents them from receiving information that is revealed through network requests, such as the user’s IP address or the user agent header,” said Steven Englehardt in a blog post.
Englehardt also said this is Mozilla’s first step in the fight against fingerprinting technologies. He added that efforts will also need to include script blocking and API-level protections.
The Firefox 72 security advisory also includes security patches for five High severity vulnerabilities:
- CVE-2019-17015: Memory corruption in parent process during new content process initialization on Windows
- CVE-2019-17016: Bypass of @namespace CSS sanitization during pasting
- CVE-2019-17017: Type Confusion in XPCVariant.cpp
- CVE-2019-17024: Memory safety bugs fixed in Firefox 72 and Firefox ESR 68.4
- CVE-2019-17025: Memory safety bugs fixed in Firefox 72
Finally, the Firefox advisory addresses five Medium severity bugs and one Low risk bug.