Firefox 84.0.2 is a security update
Mozilla plans to release Firefox 84.0.2, a new version of the organization's stable version of the Firefox web browser, to the public on January 6, 2021.
Firefox 84.0.2 is the first stable release of the Firefox web browser in 2021; the next major stable release of Firefox is scheduled to be released on January 26, 2021.
The new Firefox release is not available at the time of writing. Mozilla is still preparing the release, but if there are not any last minute issues that would delay a release, Firefox 84.0.2 will become available in the coming hours.
Firefox users who have not turned off automatic updates will receive the update automatically. Those who don't want to wait for that to happen can select Menu > Help > About Firefox after the official release to initiate a manual update of the web browser.
The screen that opens displays the currently installed version of the web browser and runs a check for updates, provided that the functionality is enabled.
Again, this won't work at the time of publication of this article, but it will work later today provided that Mozilla will release the stable version today.
Update: The release notes are now available. Firefox 84.0.2 fixes a single security issue that is rated critical, the highest severity rating available. Mozilla notes:
A malicious peer could have modified a COOKIE-ECHO chunk in a SCTP packet in a way that potentially resulted in a use-after-free. We presume that with enough effort it could have been exploited to run arbitrary code.
You can check out the security notes here.
You are probably wondering about the changes in Firefox 84.0.2. The preliminary release notes confirm that Firefox 84.0.2 will be a security update. No other release information is provided at the time, and the linked security page has not been published yet.
Mozilla won't publish security information before releases, but these will become available later today as well. The severity of the security issues fixed in the new version of Firefox is unknown because of that as well. In fact, it is unclear if one or multiple security issues have been addressed in the new Firefox version.
We will update the article once the information is published by Mozilla.
I hope that some stability will be increased really soon, version 83 was better than 84. :[
Even if Mozilla hasn’t published the release notes yet, I guess we can just take a look at the source?
Something about SCTP cookies and SCTP streams.
Some security update for Apple chips for ESR. Quick update.
Apple chips are tasty!
Update to Firefox 84.0.2 : done.
Appreciable and appreciated to have latest technological news appear on Ghacks quasi instantly; moreover when security is concerned. Imagine running into an issue after the security patch has been made available but before being aware of it and applying it : just like soldiers who get killed after the armistice has been signed and before it is brought to the battlefield…
hello that’s good news
I suppose the separate windows telemetry task is still there and also the google trackers built into mobile versions. Undoing basic and obvious privacy infringements would be good first indicators if this browser is ever to be trusted again… been waiting a long time.
Keep waiting. Hope springs eternal.
C’mon, if you know what and where about these things, disable/remove them.
I’ll never understand the “Firefox isn’t what it never was anymore” cult. The alternative browser is what?
Firefox fanboys in this comment section will fight you tooth and nail whenever you claim that Mozilla’s privacy claims are just smoke screens (which they are).
Look at the reply from @ULBoom, “Nah, it’s fine, disable it at the registry level, not a problem.” – at this point, I could make an argument for Google Chrome even: “Nah, just block all the domains it tries to connect to at the router level, nothing to see here, move along.”
What is acceptable for Mozilla to do is suddenly totally unacceptable whenever someone else does the very same thing, these people are in love with the brand more than anything.
“The alternative browser is what?” – How about Vivaldi, Ungoogled Chromium, Bromite, Brave? All less invasive than Firefox at this stage, but whatever. There are even Firefox builds saner than what Mozilla has to offer, Fennec F-Droid on Android for example, which has the baked in trackers (lol) removed.
You can’t debate with these people, I’ve been there already.
ULboom, alternatives are all browsers without google trackers, microsoft levels of telemetry, that do shady stuff saying disable it when you really cant, so nearly all of them, pick any. Corporations are not your friend, mozilla does not have your back, you got played because tribalism and loyalty. C’mon get your priorities in order.
Iron, yep I think many people are trapped, they double down because they think they personally are being challenged and end up supporting some abusive 2-faced corporation, effectively turning them into drones. I used to think they must all be employees, but yea, really tragic.
On a similar note, when youre up against ex-cia, homeland security, employed as ‘Director of Trust and Security’, and similar suits from google on the board of directors, marketing is going to catch some people out.
I was just updated to 84.0.1 yesterday on Ubuntu 20.04.1.
Now I will have to wait again for the new version.
> been waiting
Instead of useless whining, you can always install it with /MaintenanceService=false parameter.
You tube Videos stuttering continuously after installing FF 84.0.2 and on Linux Mint 20.0 with the Hardware enablement Kernel 5.8.0-36 on an ASUS Tuf Laptop FX505DY(Ryzen 5 3550H/Radeon RX 560X) so had to revert back to an earlier system timeshift system snapshot to get back to FF 84.0.1 and is that security issue that critical?
That laptop can not operate the fans properly on any Linux Kernel below Kernel 5.6 so my Mint 20.0 install is not using the normal Kernel 5.4 on that laptop as the fans will not ramp perperly under load on that Laptop. So Kernel 5.8 is a must there for that laptop.
84.0.2 has left me unable to post to Facebook or Twitter. Older versions work just fine.