Mozilla Firefox 55.0 has been released by Mozilla. The official release date of Firefox 55.0 is August 8, 2017. The new version of the web browser is already available, and will be offered on August 8 to existing users of the web browser provided that they have turned updates on.

Firefox 55.0 breaks compatibility with older versions of the browser and Firefox ESR. Users who want to downgrade are advised to back up their profiles prior to installing the update.

Firefox Beta, Nightly and ESR versions are also updated on the day. Firefox Beta is moved to Firefox 56.0, Firefox Nightly to Firefox 57.0, and Firefox ESR to 52.3.

Executive Summary

You cannot restore an older version / migrate to Firefox ESR after the upgrade to Firefox 55.

Firefox 55.0 is the first version of Firefox that moves directly from Nightly to Beta.

The new WebExtensions permissions systems is enabled.

Firefox startup session restore time has improved significantly.

Firefox 55.0 download and update

Direct download links for Firefox installation files:

Firefox 55.0 Changes

WebExtensions Permissions system is live

Firefox 55 ships with a permissions system for WebExtensions. These are displayed to the user during installation of a WebExtension in the web browser, and during updates if new permissions are requested.

A dialog is displayed to the user whenever a WebExtension is installed that requires permissions, and when a WebExtension is updated that requires new permissions.

Firefox lists the requested permissions, e.g. access browser tabs, and users may continue with the installation or update by selecting "add" or "update", or cancel the process.

Adobe Flash plugin restrictions

Mozilla set the Adobe Flash plugin to click-to-play by default, and decided to restrict Flash to http and https pages.

Mozilla notes that the change is rolled out gradually, and may not be visible immediately to all users.

5% of users two weeks after release.

25% of users a month after release.

100% of users six weeks after release.

Search suggestions enabled by default

Search suggestions, those displayed in the Firefox address bar when a user starts to type, are now enabled for all users except those who have opted out.

Firefox users can manage search engines and suggestions by loading about:preferences#search in the browser's address bar.

Users who don't want or require search suggestions can turn them off by removing the checkmark from "provide search suggestions" and "show search suggestions in location bar results".

New "Performance" section in Settings

Firefox 55 ships with a new performance section in Settings. Firefox users may select to run the browser with the recommended performance settings, or customize the following performance-related options:

Toggle hardware acceleration.

Set a content process limits for multi-process functionality.

Page Shot screenshot functionality

Firefox 55 users may notice a new screenshots icon in the Firefox main toolbar. This icon is not visible to all users at release, as Mozilla wants to run an A/B test first.

Those Firefox users who have it in their browser already may use it to capture a region of the web browser, or a page, and save it locally or online on https://screenshots.firefox.com/.

Other Firefox 55.0 changes

Firefox session restore startup time improved a lot.

Added Belorussian locale.

Assign custom shortcuts to Firefox on Mac OS X via System Preferences > Keyboard > Shortcuts.

Firefox 55 marks the beginning of theme support. The browser.theme.update API is available which features similar capabilities as Firefox lightweight themes.

Geolocation API requires secure origin. Same is true for Storage API.

Loading of mixed content allowed on localhost.

Print preview feature to simplify print jobs.

Remote jar files are not loaded by default anymore. Mozilla disabled support for the jar: protocol back in Firefox 45, but had to re-enable it because it broke IBM iNotes functionality. Firefox 55 disables jar: again as IBM updated iNotes so that it no longer requires remote jars. Firefox users who require the functionality may switch network.jar.block-remote-files to false to restore it. (Bug 1329336)

to false to restore it. (Bug 1329336) Sidebar can be moved to the right.

Support for WebVR.

WebExtensions performance improvements, e.g. host matching, lazy loading APIs and more.

Windows Stub installer simplified, option to select installation directory or program shortcuts removed. Firefox users need to use the full installer for these options.

Developer Changes

about:debugging page changes. Temporary add-ons are listed at the top, a remove button is now available, and help is shown if an extension has a temporary ID.

Extensions may disable WebRTC.

Network Monitor: show hide columns, remote IP, protocol, scheme, cookies and set cookies columns, filtering of network requests by column values and other properties, and regular expressions.

New APIs: Collaborative Scheduling of Background Tasks API, WebVR 1.1 API, Intersection Observer API.

Proxy API to insert proxy configuration files into Firefox.

runtime.onMessageExternal API implemented to allow communication between WebExtensions add-ons.

Support for EME on insecure contexts deprecated.

webRequest API improvements, e.g. declining requests before cookies are processed.

Firefox 55.0 for Android

The following features are new or changed on Android (apart from those that were mentioned already for Firefox for the desktop):

Option to zoom with one hand using double tap and drag gestures.

Greek and Lao locales added.

Accessibility settings have an option to respect the system's font size when displaying web pages.

Firefox 55.0.1

Firefox 55.0.1 was released on August 10, 2017. It is a bug fix release that fixes the following issues in Firefox 55:

A rendering issue with "some" PKCS#11 libraries.

What's new page not displayed under some conditions.

Tab restoration process regression.

Disabled the predictor prefetch.

Firefox 55.0.2

Firefox 55.0.2 was released to the stable channel on August 16, 2017. It is another bug fix release that patches the following bugs in Firefox:

Fix username bug if it had "specific characters in the path".

Patched new installation notification for sideloaded add-ons.

Fixed performance regressions with WebExtensions.

Fixed a regression with the popup menu.

Firefox 55.0.3

Fireofx 55.0.3 was released to the stable channel on August 26, 2017. The new stable version of Firefox fixes the following two issues:

Fixed file uploads to some websites (thumbnails to YouTube, images to Tweaker)

Fixed issue with add-ons if file paths use non-ascii characters.

Security updates / fixes

Security changes are announced after the official release. We will update the review when Mozilla publishes them.

CVE-2017-7798: XUL injection in the style editor in devtools

CVE-2017-7800: Use-after-free in WebSockets during disconnection

CVE-2017-7801: Use-after-free with marquee during window resizing

CVE-2017-7809: Use-after-free while deleting attached editor DOM node

CVE-2017-7784: Use-after-free with image observers

CVE-2017-7802: Use-after-free resizing image elements

CVE-2017-7785: Buffer overflow manipulating ARIA attributes in DOM

CVE-2017-7786: Buffer overflow while painting non-displayable SVG

CVE-2017-7806: Use-after-free in layer manager with SVG

CVE-2017-7753: Out-of-bounds read with cached style data and pseudo-elements

CVE-2017-7787: Same-origin policy bypass with iframes through page reloads

CVE-2017-7807: Domain hijacking through AppCache fallback

CVE-2017-7792: Buffer overflow viewing certificates with an extremely long OID

CVE-2017-7804: Memory protection bypass through WindowsDllDetourPatcher

CVE-2017-7791: Spoofing following page navigation with data: protocol and modal alerts

CVE-2017-7808: CSP information leak with frame-ancestors containing paths

CVE-2017-7782: WindowsDllDetourPatcher allocates memory without DEP protections

CVE-2017-7781: Elliptic curve point addition error when using mixed Jacobian-affine coordinates

CVE-2017-7794: Linux file truncation via sandbox broker

CVE-2017-7803: CSP containing 'sandbox' improperly applied

CVE-2017-7799: Self-XSS XUL injection in about:webrtc

CVE-2017-7783: DOS attack through long username in URL

CVE-2017-7788: Sandboxed about:srcdoc iframes do not inherit CSP directives

CVE-2017-7789: Failure to enable HSTS when two STS headers are sent for a connection

CVE-2017-7790: Windows crash reporter reads extra memory for some non-null-terminated registry values

CVE-2017-7796: Windows updater can delete any file named update.log

CVE-2017-7797: Response header name interning leaks across origins

CVE-2017-7780: Memory safety bugs fixed in Firefox 55

CVE-2017-7779: Memory safety bugs fixed in Firefox 55 and Firefox ESR 52.3

Firefox ESR security fixes are listed here.

Additional information / sources

Now Read: The state of Mozilla Firefox

Summary Article Name Firefox 55.0: find out what is new Description Mozilla Firefox 55.0 Stable introduces important changes to Firefox. It ships with a WebExtensions permissions system, and is no longer backwards compatible. Author Martin Brinkmann Publisher Ghacks Technology News Logo

Advertisement