Mozilla has patched numerous security vulnerabilities in Firefox version 129 alongside a few other improvements.
Mozilla just released the latest Firefox update (version 129.0) for Windows, macOS, Linux, and Android. This update comes with numerous fixes to security vulnerabilities, an enhanced Reader View, and revised handling of DNS entries. There are also security updates for the two ESR (Extended Support Release) versions of Firefox.
In the security report for Firefox 129, Mozilla lists 14 eliminated security vulnerabilities, which 11 of them categorized as high risk. As far as we know, none of the security vulnerabilities have yet been exploited in real-world attacks.
If you haven’t updated yet, you can go to Help > About Firefox to initiate an update check. Or you can download the Firefox update manually and install it yourself.
What’s new in Firefox 129?
Firefox now assumes by default that you want to access websites using the encrypted HTTPS protocol when URLs are entered without a specified protocol. If a website doesn’t support HTTPS, only then will Firefox attempt to access using unencrypted HTTP.
In addition, DNS over HTTPS (DoH) no longer has to be activated for Firefox to resolve HTTPS DNS entries with the DNS resolver in Windows 11 and Linux (as well as Android 10 or later).
And then you have Reader View, a long-existing feature in Firefox that lets you read the text on a webpage with all distracting elements removed (e.g., advertisements). Reader View is now customizable with new control elements, such as font types, font weights, content width, line spacing, and more. You can also select a color scheme or design one yourself.
If you hover your cursor over a background tab, Firefox currently only displays the title of the page in a tooltip. Over the next few days, Mozilla will gradually roll out a new preview function that shows a minimized screenshot of the tab’s page.
What about Firefox ESR?
Mozilla will continue to maintain two ESR (Extended Support Release) versions—at least until the next update, which should drop sometime near the beginning or middle of September.
ESR 115 got nine security vulnerabilities patched in this update. The end of Firefox ESR 115 will spell the official end of support for both Windows 7 and 8. However, as of right now, there hasn’t been any word as to the exact date of ESR 115’s deprecation beyond “September 2024.”
As for ESR 128, Mozilla patched 12 security vulnerabilities. These are largely the same vulnerabilities that were just fixed in Firefox 129.
What about Firefox for Android?
In Firefox for Android 129, the same vulnerabilities have been fixed as in the desktop version. The improvement to resolving HTTPS DNS entries, as described above, is also available for Android 10 and later. You can download additional languages for offline translations.
As of now, Mozilla plans to release Firefox 130, Firefox ESR 128.2, and Firefox ESR 115.15 on September 3, 2024.