Mozilla this week released Firefox 73, a minor upgrade whose most notable addition was a new default setting for page zooming.
Software engineers working on the open-source browser also patched six vulnerabilities, half of them labeled “High,” Mozilla’s second-most-serious threat rating. As usual, some of the flaws might be used by criminals.
“We presume that with enough effort some of these could have been exploited to run arbitrary code,” the firm wrote of two of the bugs.
Firefox 73 can be downloaded for Windows, macOS and Linux from Mozilla’s site. Because Firefox updates in the background, most users need only relaunch the browser to get the latest version. To manually update on Windows, pull up the menu under the three horizontal bars at the upper right, then click the help icon (the question mark within a circle). Choose “About Firefox.” (On macOS, “About Firefox” can be found under the “Firefox” menu.) The resulting page shows that the browser is either up to date or describes the refresh process.
Mozilla last upgraded the browser on Jan. 7, or five weeks ago.
From this point forward, Mozilla will refresh the browser every four weeks. Firefox 74 will end a gradual reduction to the intervals between upgrades: Mozilla announced the release speed-up in September, when it said the original six-week span would be shortened to five weeks, then to four.
Firefox’s faster release tempo comes at a price: the distinct possibility that each upgrade will boast fewer new features, fewer improvements and enhancements. Firefox 73 is proof, as Mozilla was able to highlight just two changes evident to end users.
The first was a new user-set global default for the page zoom level. Rather than monkey with zoom for each site individually – to, for instance, zoom in to make text more readable for older eyes – users can set a default level higher or lower than 100% as the new baseline.
To change the default zoom (which remains at 100% if the user declines to modify it), users must open Preferences (on macOS) or Options (Windows), then under the “General” tab locate “Language and Appearance.” Select the desired default zoom from the box under “Zoom.”
That number – 110%, for instance – becomes the new baseline for all sites. Users can still manually increase or decrease zoom with keystroke combinations or from the menu.
The other addition trumpeted by Mozilla in Firefox 73’s release notes was labeled “readability backplate” and designed to collaborate with Windows’ high contrast mode. The latter is a setting that replaces the original colors of, say, a website’s text and background, with high contrast combinations for easier reading by people with vision issues.
Previously, Firefox has simply disabled background images when the user enabled high contrast mode. In Firefox 73, the readability backplate “places a block of background color between the text and background image,” Mozilla said. “Now, websites in High Contrast Mode are more readable without disabling background images.”
Days are numbered for TSL 1.0 and TSL 1.1
Mozilla, like other browser makers, is knee-deep in putting an end to the outdated encryption protocols of TLS (Transport Layer Security) 1.0 and 1.1.
In a Feb. 6 post, Thyla van der Merwe, the cryptography engineering manager at Mozilla, promised that the upcoming Firefox 74 would give the boot to the pair. “Expect Firefox 74 to offer TLS 1.2 as its minimum version for secure connections when it ships on 10 March 2020,” she wrote.
Although van der Merwe said that Firefox would retain an override button (which has been appearing on warnings when users try to reach a website encrypted by TSL 1.0 or TSL 1.1), she noted that with telemetry trends being what they were, “It’s unlikely that the button will stick around for long.”
The next version, Firefox 74, will release on March 10.