The Mozilla Foundation released Firefox 60 earlier today. The highlights of this new Firefox version are support for a policy engine for deploying Firefox across enterprise environments, support for the WebAuthn passwordless authentication system, and the addition of sponsored stories (ads) for US users.
Firefox 60 has already been rolled out to the stable channel, and users will be able to update by going to the Help > About Firefox section of their menu.
By far the biggest addition to Firefox 60 is the new Group Policy engine that allows system administrators in large corporate networks to deploy and control Firefox settings across an entire company via group policy objects.
Other browsers like Chrome, Edge, and IE had a similar feature for years, and this was one of the most requested features in Firefox for a long time.
Two blog posts from Mozilla engineers detail the new Group Policy engine, but you can also get a quick summary by watching the YouTube video below. Sample Policy Engine templates are also available on GitHub.
Firefox 60 is also the first Firefox version that supports the new WebAuthn passwordless authentication protocol. We've already covered the protocol in a separate article, so we're not going to go into more details here.
Firefox 60 comes with support for same-site cookies, a mechanism that prevents malicious websites from requesting other sites' cookies.
Mozilla engineers added support for this feature to improve both user privacy, but also as a way to prevent some types of cross-site request forgery (CSRF) attacks that relied on malicious sites faking actions on other sites by employing cookies they shouldn't have had access to.
Another privacy-focused feature is that Firefox now restricts websites' access to its internal Proximity and Ambient Light sensor APIs.
This protection is not turned on by default, but we've already detailed the steps users can take to protect their privacy in a previous article that readers can check out here.
But the most controversial feature added to Firefox 60 is something called "Promoted Stories," which translates to ads.
As we explained in an article over the weekend, these will be shown only to US users, will appear on the New Tab page, aren't that intrusive, and can easily be turned off if users want to.
As we've explained in February, Firefox 60 is also the first version of Firefox where users can disable the Sync option from showing up in their browser's settings panel.
Mozilla engineers decided to add this option to Firefox as a favor for the Tor Browser development team, but regular users who want to remove the Sync option from Firefox are also welcomed to use it.
Firefox 60 also brings a change to how the browser lets users manage cookies. The same controls are there, but instead of having a button that reads remove individual cookies like before, this option is now hidden under the Manage Data button.
There are other changes included with Firefox 60. General changes are detailed in the official Firefox release notes, developer-centric changes are detailed in a Mozilla Hacks blog post, and security fixes are available on the Mozilla Security portal.
Mozilla also promoted Firefox 60 to the ESR (Extended Support Release) channel, meaning this version will receive bug fixes for a longer period of time than other Firefox releases, and will also end up at one point or another as the base of Tor Browser.