The main differences between Firefox 78 and Firefox ESR 78

Martin Brinkmann
Jun 30, 2020

Mozilla released Firefox 78.0 Stable and Firefox 78.0 ESR today. The new version of the Firefox web browser is a major release for both stable and ESR; ESR, Extended Support Release, because it moves the version from Firefox 68.x to 78.x.

A major Firefox ESR version increase includes lots of changes as minor ESR versions don't get all the new features that stable versions of the browser get every four weeks. New major ESR versions introduce these features.

Firefox administrators can stay on Firefox ESR 68.x for the time being. Mozilla will release additional updates for that particular version of the browser. The older version will run out of support in eight weeks, however when Firefox ESR 78.2 and Firefox 80 are released.

firefox esr 78

While Firefox 78 Stable and Firefox ESR 78 share most features, there are some differences between both versions.

Firefox ESR 78: No WebRender

Mozilla introduced support for WebRender in Firefox 67 but only for a small part of the installation base. The organization started to enable WebRender on additional devices but has not yet rolled it out to all Firefox installations.

WebRender is used to render webpages and applications with the help of the video card. The main advantage of WebRender is that it improves performance significantly when it is used.

WebRender is not enabled in Firefox ESR 78.

Firefox ESR 78: MITM Detection is disabled

Firefox may detect if software on a device uses MITM (Man in the Middle) implementations. Security software may use it and this may lead to security and loading issues on the Internet.

Firefox 78 Stable supports the detection of MITM if it is causing connection issues, whereas Firefox ESR 78 does not by default. If the stable version of Firefox suspects a connection issue caused by MITM, it sets the preference security.enterprise_roots.enabled to True, and tries the connection again.

The setting is reset to False if the connection does fail, or kept set to True if it does not fail.

Firefox administrators may enable the feature by setting security.certerrors.mitm.auto_enable_enterprise_roots to true.

Firefox ESR 78: Use of client certificates enabled by default

Firefox supports its own certificate store and it is the default store for all non-ESR versions. Firefox ESR on the other hand supports the use of client certificates by default.

Administrators may disable the feature by setting security.enterprise_roots.enabled to false.

Firefox ESR 78: Option to deactivate the add-on signature requirement

Mozilla introduced mandatory extension signatures in Firefox 43. Add-ons that users want to install in Firefox need to be signed.

Firefox Nightly, Developer, and Firefox ESR are the only Firefox channels that allow users to deactivate that requirement.

Administrators need to change the value of xpinstall.signatures.required to False to do so.

Firefox ESR 78: Additional Enterprise policies and updates

The following policies are new or updated in Firefox ESR 78:

  • (New) Handlers policy - Configure default application handlers. See here.
  • (New) MasterPassword policy -- Configure whether a master password is required, or prevent it from being set. See here.
  • (New) PDFjs policy -- Disable or configure PDF.js, Firefox's built-in PDf viewer. See here.
  • (New) DisableDefaultBrowserAgent policy -- Only on Windows. Prevent the default browser agent from taking any actions. See here.
  • (Updated) ExtensionSettings policy -- New restricted domains option to prevent extension access. See here.
  • (Updated) DisabledCiphers policy -- Option to enable ciphers that Firefox has disabled. See here.

Now You: do you run Firefox? If so, which edition? (via Sören Hentzschel)

The main differences between Firefox 78 and Firefox ESR 78
Article Name
The main differences between Firefox 78 and Firefox ESR 78
The guide looks at the differences between the new stable version of Firefox, Firefox 78, and the new Extended Support Release version, Firefox ESR 78.
Ghacks Technology News

Tutorials & Tips

Previous Post: «
Next Post: «


  1. Mothy said on July 1, 2020 at 2:03 pm

    I only use the ESR version for the slower feature release cadence, primary focus on stability and security fixes as well as policy templates that can be used with Windows Group policy to control various browser settings. A big one is to disable updates so I have full control over the process as I don’t like software checking for updates without my explicit consent. Instead when I’m ready to update I download the full exe file from Mozilla then always choose a custom install unchecking the maintenance service (not wanted nor needed since updates are disabled).

  2. owl said on July 1, 2020 at 6:09 am

    I have experience with most browsers except Google Chrome, Microsoft Edge and Opera (e.g. Iridium browser, Ungoogled Chromium browser, Otter Browser, etc).
    However, my favorite browser to use exclusively is “Firefox ESR”.

    I use “Firefox DeveloperEdition” to support AMO development, and also use “Firefox Nightly” for testing new features and such.
    In the others, Pale Moon, Tor Browser, Brave and Iridium browser are implemented too.

    I prefer “RSS subscriptions”, so I prefer to use Thunderbird to “check RSS along with email” rather than Browser.
    As an aid to this, “ThunderbirdTray” is useful.
    TheGuardianWolf/ThunderbirdTray: Minimise thunderbird to tray with a Windows tray app. | GitHub
    Minimize Thunderbird to the system tray with ThunderBirdTray | gHacks Tech News

  3. Robert G. said on July 1, 2020 at 5:44 am

    I run both on the same computer.

    Thanks Martin and Sören for the infos.

  4. KERR said on July 1, 2020 at 4:11 am

    Been waiting for this so I can use Picture In Picture on my work PC 👍

  5. Ah ah ah, you didn't say the magic word! said on July 1, 2020 at 1:43 am

    Martin, thanks for the news and the comparison.

  6. Anonymous said on July 1, 2020 at 12:16 am

    ”Firefox administrators may enable the feature by setting security.certerrors.mitm.auto_enable_enterprise_roots to true.”

    I had version 77, then I installed 78 esr with same profile. That setting (true) is now default.

    I disabled only those older cipher suites that recommended.

    ”750 /** CIPHERS [WARNING: do not meddle with your cipher suite: see the section 1200 intro]”

    ”639 Your cipher and other settings can be used in server side fingerprinting”

    ”766 /* 1264: disable the remaining non-modern cipher suites as of FF78 (in order of preferred by FF) ***/”

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.