Mozilla Firefox 100.0.1 is a small bug fix release that addresses issues in the browser’s Picture-in-Picture mode and improves process isolation on Windows devices.
Mozilla planned to release the new version on May 11, 2022 initially but the release has been delayed. It is unclear why it was delayed at this point, but it is expected soon.
Mozilla Firefox 100.0.1
Linux and Mac versions of Firefox have seen security improvements in previous releases already. Firefox for Mac included changes in version 95 that block access to the WindowServer, which improved security and the process startup performance on Mac devices.
Firefox 99 for Linux included a change that removed the connection from content process to the X11 server, which “stops attackers from exploiting the unsecured X11 protocol”.
The improvement in Firefox for Windows improves the browser’s security significantly by blocking access to Win32k APIs for content processes. Mozilla notes that Win32k APIs are often targeted by exploits and that the limitation puts an end to these.
The change is being rolled out to Windows 10 Creators Update and newer versions of Windows at the time of writing, meaning any supported Windows 10 and Windows 11 installation with Firefox running on it is supported already.
The organization published a technical overview of the feature and implementation on its Mozilla Hacks website.
Picture-in-Picture mode saw several improvements in the Firefox 100 release. One of the main changes added support for video captions and subtitles to many video streaming sites on the Internet.
Firefox 100.0.1 fixes two bugs, one related to the display of subtitles:
- Fixed an issue with subtitles in Picture-in-Picture mode while using Netflix
- Fixed an issue where some commands were unavailable in the Picture-in-Picture window
Now You: have you used Firefox’s Picture-in-Picture feature? What is your take on the security sandbox improvement?