Firefox 23 tackles security and social, fixes 13 bugs

Summary:Firefox 23 fixes a slew of flaws, including four critical and seven high impact bugs, and brings in new social features.

The latest release of Mozilla's browser, Firefox 23, opens it up t more social integration and fixes a number of flaws.

Building on the Facebook Messenger integration via the Social API introduced last year, Mozilla has included a new share button in the Firefox toolbar that allows sharing content from the browser without leaving the current page.

Sharing is supported by Cliqz, Mixi and msnNOW and Mozilla says it is hoping to add more sites, services and apps.

Most of the new features were unveiled in the beta release in June , including the new default security setting that blocks "mixed active content"  such as JavaScript, CSS, objects, xhr requests, iframes and fonts (when an HTTPS page contains HTTP resources, the HTTP resources are called mixed content) but allows passive content such as images, audio and video loads.

The measure is designed to thwart 'man in the middle' attacks, where an attacker can intercept requests for HTTP active content and swap out the response to include malicious JavaScript.

Users will notice a blocked shield icon in the address URL bar when mixed content is blocked on a site. Clicking on the icon offers the option to 'Learn More', 'Keep Blocking' or 'Disable Protection on this Page'.

All Firefox browsers beyond version 23 will block mixed active content by default, but allow mixed passive content. Chrome and IE have already implemented the security measure.

Regardless if people want the new social features, the 13 security bugs — including four critical and seven high impact flaws — fixed in the latest Firefox release are a good reason to update. A brief description of the flaws can be found here

Topics: Browser, Security


Liam Tung is an Australian business technology journalist living a few too many Swedish miles north of Stockholm for his liking. He gained a bachelors degree in economics and arts (cultural studies) at Sydney's Macquarie University, but hacked (without Norse or malicious code for that matter) his way into a career as an enterprise tech, s... Full Bio

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.