For at past nine years, Mozilla has been using an insufficiently strong encryption mechanism for the "master password" feature.
The Mozilla Foundation has released a new stable version of Firefox —version 59— that comes with speed improvements, privacy-enhancing features, but also a new Firefox release dedicated to Amazon Fire TV users.
Starting with Firefox 60 —expected to be released in May 2018— websites won't be able to use Firefox to access data from sensors that provide proximity distances and ambient light information.
Google has released Chrome 65 earlier today, and this new browser version comes with new APIs, the blocking of tab-under redirects, and 45 security fixes.
Mozilla will add an option in Firefox 60 that will let users disable and hide the Firefox Sync option in the Firefox settings panel.
A new ransomware was discovered this week by MalwareHunterTeam called Black Ruby. This ransomware will encrypt the files on a computer, scramble the file name, and then append the BlackRuby extension. To make matters worse, Black Ruby will also install a Monero miner on the computer that utilizes as much of the CPU as it scan.
A change meant to improve Google Chrome performance will also indirectly impact cryptojacking scripts (in-browser cryptocurrency miners) and will severely reduce their efficiency.
Firefox 59 will strip referrer information from URLs while the user is in Private Browsing mode. The measure is meant to safeguard users from accidental data leaks of sensitive information.
Mozilla has released Firefox 58.0.1 to fix a security issue that was hiding in the browser's UI code and would have allowed an attacker to run code on the user's computer, allowing a quick and easy path to delivering malware or even taking over the entire PC.
Lenovo has issued security updates for a fingerprint scanner app it shipped with ThinkPad, ThinkCentre, and ThinkStation machines.
Google has released Chrome 64 for Windows, Mac, Linux, and Android, and this new Chrome version brings improvements to the browser's built-in ad blocker, a bunch of developer and web standards-related changes.
Red Hat is releasing updates that are reverting previous patches for the Spectre vulnerability (Variant 2, aka CVE-2017-5715) after customers complained that some systems were failing to boot.
In a groundbreaking statement earlier this week, Mozilla announced that all web-based features that will ship with Firefox in the future must be served on over a secure HTTPS connection (a "secure context").
As Intel, AMD, and other CPU manufacturers have started releasing CPU microcode (firmware) updates for processor models affected by the Meltdown and Spectre patches, those updates are trickling down to OEMs and motherboard vendors, who are now integrating these patches into BIOS/UEFI updates for affected PCs.