Mozilla Firefox 74 Browser Version Out With Support TLS 1.2

Firefox Browser
Firefox Browser

Mozilla Firefox 74 Browser Version released for all platforms including Windows, Linux and Mac and fixes 6 High security Critical Bugs.

Changes in DNS Over HTTPS

When you type a web address or domain name into your address bar (example: www.mozilla.org), your browser sends a request over the Internet to look up the IP address for that website.

Traditionally, this request is sent to servers over a plain text connection. This connection is not encrypted, making it easy for third-parties to see what website you’re about to access.

DNS-over-HTTPS (DoH) works differently. It sends the domain name you typed to a DoH-compatible DNS server using an encrypted HTTPS connection instead of a plain text one. This prevents third-parties from seeing what websites you are trying to access.

The feature is enabled by default for U.S, whereas in other countries need to enable it manually.

How To Enable?

  1. Just Go to Menu button and select Preferences
  2. Choose General > Network Settings
  3. Click Setting > Click on checkbox to Enable DNS Over HTTPS

Another big changes in Firefox 74 browser, it will only support TLS 1.2 or above encrypting HTTPS connections and disabled TLS 1.0 and TLS 1.1.

 

Following security vulnerabilities fixed in Firefox 74

  • CVE-2020-6805: Use-after-free when removing data about origins

Impact- high

Description- When removing data about an origin whose tab was recently closed, a use-after-free could occur in the Quota manager, resulting in a potentially exploitable crash.

  • CVE-2020-6808: URL Spoofing via javascript: URL

Impact- moderate

Description- When a JavaScript URL (javascript:) is evaluated and the result is a string, this string is parsed to create an HTML document, which is then presented. Previously, this document’s URL (as reported by the document.location property, for example) was the originating javascript: URL which could lead to spoofing attacks; it is now correctly the URL of the originating document.

  • CVE-2020-6814: Memory safety bugs fixed in Firefox 74 and Firefox ESR 68.6

Impact- high

Description- Mozilla developers Byron Campen, Jason Kratzer, and Christian Holler reported memory safety bugs present in Firefox 73 and Firefox ESR 68.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.

  • CVE-2020-6815: Memory and script safety bugs fixed in Firefox 74

Impact- high

Description- Mozilla developers Jason Kratzer, Boris Zbarsky, Tyson Smith, and Alexandru Michis reported memory safety and script safety bugs present in Firefox 73. Some of these bugs showed evidence of memory corruption or escalation of privilege and we presume that with enough effort some of these could have been exploited to run arbitrary code.

Here you can direct Download Mozilla Firefox 74 Browser

For the latest update about Cyber and Infosec World, follow us on Twitter, Facebook, Telegram , Instagram and subscribe to our YouTube Channel.

Subscribe to HackersOnlineClub via Email

Enter your Email address to receive notifications of Latest Posts by Email | Join over Million Followers

More from Priyanshu Sahay

QRLJacking- Hack Accounts Login With QR code

QRLJacking or Quick Response Code Login Jacking is a simple social engineering...
Read More

Leave a Reply