Firefox 88.0.1 arrives with critical vulnerability fix

Firefox logo

Recently a corrective version of Firefox 88.0.1 was released which is already available and it is suggested to all browser users to update their browser as soon as possible, given thatThe main reason for the release is the focus on security and bug fixes.

The reason for this is that with this corrective version of Firefox 88.0.1 two vulnerabilities have been eliminated, one of which is considered critical (CVE-2021-29953) while the other vulnerability that was detected (CVE-2021-29952) could potentially be exploited to be able to execute code by the attacker.

Regarding the most serious vulnerability (CVE-2021-29953) it is mentioned that the specified issue allows JavaScript code to run andn the context of a different domain, that is, it allows the attacker to implement a kind of universal cross-site scripting method.

On the one hand, a note to the description of the problem indicates that the vulnerability only manifests in Firefox for Android, but, on the other hand, the normal Firefox also appears in the list of affected products in addition to “Firefox for Android”.

The second vulnerability (CVE-2021-29952) is caused by a race condition in Web Render components and could potentially be exploited to execute attacking code.

Of the other changes that are integrated in this new corrective release unrelated to vulnerabilities:

  • Fixed issues when using the Widevine plugin to play paid protected content (DRM) in relation to Amazon Video content in SD quality video viewing and which is also present in the Widevine version included in Chrome.
  • Fixed an issue that caused corrupt video playback from Twitter or when invoking WebRTC on Intel systems with Gen6 GPUs.
  • Fixed a bug that caused menu items in the settings section to be unreadable when high contrast mode was enabled.

Finally if you are interested in knowing more about it, you can check the details In the following link.

How to install or update the new version of Firefox in Ubuntu and derivatives?

As always, for those who already use firefox, they can simply access the menu to update to the latest version, that is, Firefox users who have not disabled automatic updates will receive the update automatically.

While for those who do not want to wait for that to happen they can select Menu> Help> About Firefox after the official launch to initiate a manual update of the web browser.

The screen that opens displays the currently installed version of the web browser and runs a check for updates, provided the functionality is enabled.

Another option to update, is if you are a user of Ubuntu, Linux Mint or some other derivative of Ubuntu, you can install or update to this new version with the help of the browser’s PPA.

This can be added to the system by opening a terminal and executing the following command in it:

sudo add-apt-repository ppa:ubuntu-mozilla-security/ppa -y 
sudo apt-get update
sudo apt install firefox

Finally for those who prefer to use Snap packages, They will be able to install the new version as soon as it is released in the Snap repositories.

But they can get the package directly from Mozilla’s FTP. With the help of a terminal by typing the following command:

wget https://ftp.mozilla.org/pub/firefox/releases/88.0.1/snap/firefox-88.0.1.snap

And to install the package we just type:

sudo snap install firefox-88.0.1.snap

Or on the other hand, they can execute the Snap update command, with which not only the browser will update but all the applications that they have installed through Snap. To do this, they simply have to open a terminal and execute the following command in it:

sudo snap update

Or also with the command:

sudo snap refresh Firefox

Finally, you can get the browser with the latest installation method that was added “Flatpak”. To do this, they must have support for this type of package.

Installation is done by typing:

flatpak install flathub org.mozilla.firefox

Add Comment