Articles in “Firefox”

Update on Plugin Activation

To provide a better and safer experience on the Web, we have been working to move Firefox away from plugins. After much testing and iteration, we determined that Firefox would … Read more

A New Focus on Security in the Web Console

Web developers need better tools to help them debug security issues. The Web Console, part of the Firefox Developer Tools, shows errors and warnings filtered into different categories. Firefox 23 … Read more

Investigating Security Vulnerability Report

Update – August 5, 2013 Issue Mozilla was notified on August 4, 2013 of a potential security vulnerability with Firefox 17 (current general release is Firefox 22). Upon investigation we … Read more

Using Coverage Data for Security

We recently started measuring C/C++ code coverage on mozilla-central again and documented the various efforts around it in a new MDN article.

7 Tips for Fuzzing Firefox More Effectively

In the past half year I learned quite a lot about the different fuzzing approaches that security researchers and contributors use on Firefox. Although information on the subject should be … Read more

Why an outdated Java Plugin is so serious

Recently, Mozilla responded to an imminent threat to Firefox users who have an outdated Java plugin installed: Vulnerable versions of the plugin were blocked automatically (see blog post). Since then, … Read more

Update on Address Sanitizer

In a previous blog post, I outlined how the memory error detection tool Address Sanitizier (ASan) can be used with Firefox to find memory problems with a high degree of … Read more

DigiNotar Removal Follow Up

Earlier this week we revoked our trust in the DigiNotar certificate authority from all Mozilla software. This is not a temporary suspension, it is a complete removal from our trusted … Read more