The Mozilla Foundation has released Firefox 91 that includes new security features and fixes for six vulnerabilities, five rated High severity.
An attacker could exploit the vulnerabilities to take control of impacted systems.
The latest Firefox 91 includes a number of bug fixes, security patches and a new Windows single sign-on (SSO) feature.
“Windows SSO is a new feature starting in Firefox version 91 that allows you to login to Microsoft, work, and school accounts using credentials from your Windows 10 operating system. You can enable it by checking the checkbox in the Privacy & Security section in Firefox settings,” Mozilla wrote in a blog post.
As part of Mozilla Foundation Security Advisory 2021-34, Firefox 91 also includes fixes for the following five High severity vulnerabilities:
- CVE-2021-29986: Race condition when resolving DNS names could have led to memory corruption.
- CVE-2021-29988: Memory corruption as a result of incorrect style treatment.
- CVE-2021-29984: Incorrect instruction reordering during JIT optimization.
- CVE-2021-29980: Uninitialized memory in a canvas object could have led to memory corruption.
- CVE-2021-29989: Memory safety bugs fixed in Firefox 91 and Firefox ESR 78.13.
Mozilla warned that CVE-2021-29989 could be exploited to run arbitrary code.
Mozilla also fixed one Moderate risk bugs in the latest Firefox 91 release.
Finally, Mozilla published new security update Firefox ESR 78.13 with three high severity vulnerability fixes.
- Mozilla releases Firefox 90 with new version of SmartBlock and 9 security fixes
- Mozilla releases Firefox 89 with new privacy protections and nine security fixes
- Mozilla releases Firefox 88 with new protection against privacy leaks on the web
- Firefox 87 adds SmartBlock for Private Browsing
- Firefox 86 adds ‘Total Cookie Protection’ along with fixes for 5 High risk vulnerabilities
- Mozilla releases Firefox 85, fixes for 5 High risk vulnerabilities