Firefox 96 released, here’s what’s new

Mozilla today released Firefox 96 stable. The release is a security update without drastic changes inthe user interface The most important part of the its changelog are improvements and security fixes. However, there are a few things regular users may like.

In addition, the ESR branch has got the 91.5.0 version. Firefox 97 entered Beta and is expected to be released on February 8th.

What's new in Firefox 96

The official change log mentions the following key changes.

New additions

Audio and Video

The browser includes significant improvements in noise-suppression and auto-gain-control as well as slight improvements in echo-cancellation to provide you with a better overall experience.

Performance

Firefox 96 comes reduced main-thread load

Appearance

Added the ability to forcefully enable dark or light themes for any site. The color scheme changes by the browser itself. It follows the system theme on Windows, Linux and MacOS and does not require any special implementation from the site. It allows you to use a dark theme on sites available only in light colors, and a light theme on dark sites. See the following screenshot with Winaero.

Fixes

• On macOS, command-clicking links in Gmail now opens them in a new tab as expected.
• Fixed an issue where video intermittently drops SSRC.
• Fixed an issue where WebRTC downgrades screen sharing resolution to provide you with a clearer browsing experience.
• Fixed video quality degradation issues on certain sites.
• Detached video in fullscreen on macOS has been temporarily disabled to avoid some issues with corruption, brightness changes, missing subtitles and high cpu usage.

Security fixes

High impact

• CVE-2022-22746: Calling into reportValidity could have lead to fullscreen window spoof
• CVE-2022-22743: Browser window spoof using fullscreen mode
• CVE-2022-22742: Out-of-bounds memory access when inserting text in edit mode
• CVE-2022-22741: Browser window spoof using fullscreen mode
• CVE-2022-22740: Use-after-free of ChannelEventQueue::mOwner
• CVE-2022-22738: Heap-buffer-overflow in blendGaussianBlur
• CVE-2022-22737: Race condition when playing audio files
• CVE-2021-4140: Iframe sandbox bypass with XSLT
• CVE-2022-22751: Memory safety bugs fixed in Firefox 96 and Firefox ESR 91.5

Moderate impact

• (moderate) CVE-2022-22750: IPC passing of resource handles could have lead to sandbox bypass
• CVE-2022-22749: Lack of URL restrictions when scanning QR codes
• CVE-2022-22748: Spoofed origin on external protocol launch dialog
• CVE-2022-22745: Leaking cross-origin URLs through securitypolicyviolation event
• CVE-2022-22744: The 'Copy as curl' feature in DevTools did not fully escape website-controlled data, potentially leading to command injection
• CVE-2022-22752: Memory safety bugs fixed in Firefox 96

Low impact

• CVE-2022-22747: Crash when handling empty pkcs7 sequence
• CVE-2022-22736: Potential local privilege escalation when loading modules from the install directory.
• CVE-2022-22739: Missing throttling on external protocol launch dialog

Download Firefox 96

If you haven't disabled updates,  you should receive the updated version of the browser automatically. Otherwise, you can download Firefox 96 using one of the following options.

• Download it from the official website
• For alternative downloads, head over the the following link: Download Firefox 95.

The latter link opens the file listing, organized into a few subfolders, including win32 for Firefox 32-bit for Windows, win64 - Firefox 64-bit for Windows. There are also mac and Linux builds.

Support us

Winaero greatly relies on your support. You can help the site keep bringing you interesting and useful content and software by using these options: