Mozilla releases Firefox 100: here is what is new
The first three-digit version of Mozilla's Firefox web browser has been released on May 3, 2022. Firefox 100 introduces a whole range of new features and improvements, including captions and subtitle support on YouTube for Picture-in-Picture, multiple language spell checking, HDR video on Mac, and hardware accelerated AV1 video decoding on Windows.
Firefox 91.9.0 ESR and Firefox 100 for Android are also released. All development channels have seen a version bump as well. Firefox Beta and Developer editions 101, and Firefox Nightly 102 are now also available.
Executive Summary
- Firefox 100 is the first version on Windows that is signed with SHA-256. On Windows 7 devices, KB4474419 is required to install Firefox successfully.
- Some sites or services may break, if they use incorrect parsing of the user-agent. Chromium reached 100 as well recently, and this issue applies to all browsers that reach this version. Mozilla has support pages for desktop and Android for users who run into compatibility issues.
- Firefox 102 is the next ESR release.
Firefox 100.0 download and update
Firefox 100 is distributed via the browser's built-in updating functionality and the Mozilla website. If you are reading the article on May 3, it may not be available yet, depending on when you are reading the article.
Firefox users may run a manual check for updates to speed up the installation of the new version:
- Select Menu > Help > About Firefox.
Firefox displays the current version that is installed and runs a check for updates. Any update found will be downloaded and installed automatically.
Here are the links to the official download repositories.- Firefox Stable download
- Firefox Beta download
- Nightly download
- Firefox ESR download
- Firefox for Android on Google Play
Firefox 100.0 new features and improvements
Picture-in-Picture video captions support
Firefox's Picture-in-Picture (PiP) feature has seen several improvements in the new release. It supports video captions and subtitles on YouTube, Prime Video and Netflix now. All it takes is to turn on subtitles in the web interface of the service to see captions and subtitles appear in the browser's Picture-in-Picture mode as well.
Additionallly, PiP supports WebVTT (Web Video Text Track) captions, which is supported by sites such as Coursera and Canadian Broadcasting Corporation.
Note: the feature was not enabled by default on a test Firefox installation. I had to set media.videocontrols.picture-in-picture.display-text-tracks.enabled to TRUE on about:config to enable the feature.
Language and spell checking improvements
Firefox will prompt users on first run of the browser if the installed language of the browser does not match the language of the operating system. Users may then pick either of the languages as the display language in the browser.
Firefox's spell checking component is now multi-lingual. Users need to install additional dictionaries in the browser to use the feature. All it takes then is to right-click on the text field and select or deselect the additional languages under Languages.
Preferred color scheme in Settings
Firefox users may now select the preferred color scheme for websites. The option is found under Website appearance on about:preferences.
Options include Firefox theme, system theme, light or dark.
Other changes
- Firefox on Mac devices supports HDR video. The first site that has been added by Mozilla is YouTube, but more will follow. It requires Mac OS 11 or newer and a HDR-compatible screen. Mac users need to make sure that "Optimize video streaming while on battery" is not enabled on mobile devices, as the feature won't work in that case.
- Windows users with at least Intel 11th generation processors, AMD RDNA 2 Excluding Navi 24 or GeForce 30, may benefit from hardware accelerated AV1 video decoding in Firefox 100. Mozilla notes that installation of Microsoft's AV1 Video Extension from the Microsoft Store may also be required.
- On Windows systems with Intel processors, video overlay is enabled to reduce power usage during video playback.
- On Twitch, performance when using the volume sliders should be improved noticeable.
- Scrollbars on Windows and Linux do not take up space by default. Firefox follows the system default on Windows, which users may alter under System Settings > Accessibility > Visual Effects > Always show scrollbars on Windows 10 and 11. On Linux, users can change this in the Settings.
- Firefox supports credit card autofill and capture in the United Kingdom.
- Firefox ignores several referrer policies for cross-site subresource/iframe requests to improve user privacy by preventing privacy leaks. These include unsafe-url, no-referrer-when-downgrade, and origin-when-cross-origin.
- On Mac OS 11 and newer, Firefox rasterizes fonts once per window; this should improve the new tab opening and tab switching performance.
- Soft-reloading websites won't revalidate all resources anymore.
- Non-vsync tasks have more time to run, which improves behavior on Google Docs and Twitch.
- The focus indicator for links changed from a dotted outline to a solid blue outline to unify focus indicators across the browser.
- Firefox can be set as the default PDF handler when setting Firefox as the default browser.
Developer Changes
- WebAssembly supports exceptions that can be thrown and caught in WebAssembly or in JavaScript.
- WritableStream, WritableStreamDefaultWriter, WritableStreamDefaultController, and ReadableStream.pipeTo() are now supported.
- CSS media features for dynamic-range and video-dynamic-range are now supported.
- Multiple Java threads can be profiled now.
- Performance of deeply-nested display:grid elements is "greatly improved".
- Geckoview APIs added to control the start and stop time of capturing a profile.
Enterprise changes
- Fixed Symantec DLP compatibility with Firefox.
Known Issues
none listed.
Security updates / fixes
Security updates are revealed after the official release of the web browser. You find the information published here after release.
Outlook
Firefox 101 will be released on May 31, 2022 according to the release schedule. Expect at least one point release before Firefox 101.
Firefox extension reviews and news
Mozilla releases Extended Color Management add-on for Firefox
Recent Firefox news and tips
Firefox for Android now has a toggle for HTTPS-Only mode
How to disable Firefox's Captive Portal test connection on startup
Microsoft's roadmap confirms that Teams will soon be supported in Firefox
Firefox 99.0.1 maintenance update released
Additional information / sources
- Firefox 100 release notes
- Firefox 100 for Developers
- Firefox for Enterprise 100 - release notes
- Firefox Security Advisories
- Firefox Release Schedule
I just hate the new interface, and continue use the old one.
Over or under, Firefox 125 still has its own rendering engine
But, the JavaScript-issue is still not fixed.
Which browser do you think is the best?
@sude
Bromite / Kiwi on Android and Brave on PC.
Bromite on Android and ungoogled-chromium on Linux for me.
So when are we going to get the option of ‘tabs at bottom’?
Such a simple thing, and there have been so many requests ever since the new Firefox platform came out.
You can accomplish that yourself with “userChrome.css”.
I use a modified version of:
[https://github.com/Aris-t2/CustomCSSforFx]
Screenshot:
[https://dl.dropboxusercontent.com/s/qa7jlbvdanov4ag/screenshot_20220504.png]
Reminds me of Vista’s fascination with gradients.
@Frankel
If you mean the window title bar, that’s done by my OS (Linux Mint with Emerald Theme Manager). ;)
And yes, I’m old and don’t like these “modern” flat and dull grey interfaces.
It still has those ugly button tabs. When will we get normal tabs again?
@Anonymous
Use an actual browser and not the 3%-market-share-for-a-reason joke.
One of the best Firefox releases in recent times!
Tom, did you use the updater or download the installer??
I haven’t updated Windows 7 since 2016 or whatever, I hardly ever update anything anymore after dealing with Windows Update causes boot loop issues. For sure I don’t have their stinking KB4474419 update. I just updated to Firefox 100 using the updater. no questions asked, no problem. updated just fine.
@keanuwhoah, good question.
I block auto-updates on Firefox (be it the browser, be it the add-ons etc…).
I always download the installer, remove the current version with Windows Uninstall, and proceed therefor with a totally clean install.
Well, Marcin, you and myself have installed FF100 without KB4474419. I’m really curious to know why we haven’t encountered any issues, at least up to now.
Quoting the article, which states what I’ve read everywhere :
“Firefox 100 is the first version on Windows that is signed with SHA-256. On Windows 7 devices, KB4474419 is required to install Firefox successfully.”
I’m running Windows 7 and KB4474419 is not installed.
I’ve just performed as always a clean install of Firefox, in this case 100.0
No issues to install, no issues to run.
What am I missing?
@TH
There is a difference if the auto-updater does the installation or a dedicated EXE/MSI installer. I thought this is obvious?
@Frankel, the official release notes state the KB4474419 requirement but not as tied to a condition of installation (auto-updater or EXE/MSI installer). You state that the condition of installation regarding the KB4474419 requirement is obvious. Of course these two methods have their specifics but I’d be interested to know their correlation with KB4474419. Please develop this assertion!
Puzzling. The official release notes state the requirement. Not sure why it is not enforced on your systems, maybe postponed without removing the release notes entry?
What does it mean?? “maybe postponed without removing the release notes entry”???
I just updated to release 100, no KB4474419 is installed. Everything seems to be OK.
Any comments?
Same case as you. I was worried with the precedent article about this required KB. I updated one of my two Win 7 installations in this optic, because updated Firefox is important to me.
I launch the updater on the PC with the installed KB, everything updated fine.
Then, just ouf of curiosity, I tried on the other PC without the KB installed. To my surprise, everything also updated without problem.
So I was a bit disappointed, because I take gHacks as reference for Firefox information, and it appears what I read previously isn’t totally correct about Firefox 100 update.
Still, thank you Martin for your valuable articles about Firefox.
@Marcin, gHacks mentions the KB4474419 requirement as all the sites referring to Firefox 100 that I’ve visited. But our own experiences are for the least puzzling. And we mustn’t be the only ones. I linger to understand the story.
Is this win7 sp1? Mozilla informed previously about this specific service pack 1 version that must be patched.
it’s fix martin
7:45 AM Eastern, here in NYC. Everything looks normal to me.
“Firefox 102 is the next ESR release.”
Do you know can I still enable userChrome and userContent? Every year it is harder to customize Mozilla Firefox. I think in spite of that my ESR 91 browser now looks simple and on the other hand it is colourful with Noia icons.
about:config
toolkit.legacyUserProfileCustomizations.stylesheets
@Martin Brinkmann
Thank you for an interesting news. Is it too early for an article about next the ESR version? I mean some kind summary of all the changes after 91 version and perhaps some about:config tips? Maybe after 102 version release?
That change was already last year and updating my userChrome.css from ESR 91 to Nightly 102 has never been easier. I only added 3 lines to get the ESR 78 UI back whilst on v102.
https://github.com/ran-sama/firefox-preferences
@Ran
Thank you. It is good to know. I will do of course backup and I will update next ESR when it is time.
ran-sama: “The ESR 78 look is finally possible on ESR 102”
Executive Summary seems pretty short for a major release…
Has been fixed, can you confirm?
@Martin, I’m bringing to your attention that a wide portion of the article on this very page is truncated.
Everything after “Firefox 102 is the next ESR release.” and before “Summary” isn’t displayed. I compared with the article’s display when sent to PrintFriendly[.]com
This issue appears only on this page/article, not on other pages.
I would have preferred to contact you via the contact form but cannot find it anymore.
Thank you for bringing this to my attention. I think I fixed the issue, can you please confirm?
@Martin, issue fixed here.
Took them 10 years to go up to version 4, back when sane versioning with milestone.major revision.minor revision was the norm. 96 major revisions in 10 years to make the mouth breathers think they’re getting some massive updates every damn fortnight or so – because imitation of Chrome is the best form of flattery.
The release cycle is absolutely nothing to do with chasing version numbers.
It’s about being able to ship new features when they are ready, instead of waiting for a ‘major’ new version.
This release cycle makes the most sense for ‘evergreen’ software like a web browser. There’s a reason why every major browser has adopted it.
The only version that matters for a web browser is the ‘latest’ version.
Using sockpuppets under new nicks now and profuse argumentum ad hominem, yet the posting style and peculiar choice of wording remains the same. Petty insults in the nick fields? It is very immature already to talk to an adult like this.
I guess you really ran out of arguments. Keep linking your outdated twitter security experts posted on madaidan. Surely with enough circular logic and the same people confirming each others assumptions it must be real.
Bugzilla posts from 2011 in newscombinator? You are desperate to link 11 year old security issues that are irrelevant today. At least one from 2018, you tried and failed again!
This will never get boring :)
https://github.com/gorhill/uBlock/wiki/uBlock-Origin-works-best-on-Firefox
ublock Origin + uMatrix + Canvas blocker, all whilst not signed in 24/7 into a Chrome account.
Stop making me feel so comfortable in my Firefox armchair.
This will never get boring – Firefox is also the safest
https://docs.google.com/spreadsheets/d/1lkNJ0uQwbeC1ZTRrxdtuPLCIl7mlUreoKfSIgajnSyY/edit#gid=2129022708
this is what hackernews thinks of madaidan, with some snippets quoted below
https://news.ycombinator.com/item?id=26954225
> So, all the security features that he considers large holes haven’t been used to mount successful attacks, but the ones he considers “not substantial” are the ones that have been used for the real 0-days.
> It seems the “threat model” was “if Chrome has it, it must be important” and “if Chrome doesn’t have it, it must be useless”. You cannot do a serious security analysis this way, it’s like looking at a list of feature checkboxes to choose a product. But in this case it’s even worse because we only look at the checkboxes vendor G has ticked.
https://news.ycombinator.com/item?id=25595998
> That article is comes from an extremely naive security posture
Here is a real security engineer not being one-eyed, read the link (below is a part quote)
https://old.reddit.com/r/firefox/comments/lbu6q2/why_do_people_say_chromiums_sandbox_is_better/glxjrjg/
> “How does that wash out in the end? It’s really hard to say and pretty much impossible to quantify.”
Madaidan’s assertion is pathethic, and those parroting it and making stupid claims based on it are a joke
I don’t know why IH keeps parroting Madaidan’s outdated and easily discredited talking points every time someone dares question the glory of Brave/Google. Not only are most of the sources old, there are from people who work for Mozilla competitors like Google or Microsoft. He does it at least once a week. I guess he really likes big tech and big government
The German cybersecurity agency claims that Firefox is the most secure. It is much newer than the 2015 sources that Mando uses and they have no financial interest in propping up Google/Brave.
https://www.cvedetails.com/product/3264/Mozilla-Firefox.html?vendor_id=452
https://www.cvedetails.com/product/15031/Google-Chrome.html?vendor_id=1224
Chrome is less years on the market and has more CVEs.
Despite Firefox having insane attention due to TOR project, it has less CVEs and exists longer.
Real fun, brb armchair ttime for me :)
Fewer CVEs =! more secure. It just means that there are fewer eyes on the code or they don’t report all their security fixes, since it’s a manual process to receive a CVE after all. It’s funny how you’re still trying to mislead people with bogus security charlatan logic, Frankel
https://madaidans-insecurities.github.io/firefox-chromium.html
@Anonymous
@Frankel is a walking Firefox advertisement. What he says is to be taken with a ton of salt. You are right of course, Chromium literally has 80%+ of the market under its belt and is the prime target of hackers. Nobody cares about the 3 out of 100 users who use Firefox, however, that does not mean that the actual BASE CODE of Firefox is more secure, because it isn‘t. Firefox lacks behind 5 years minimum in terms of exploit mitigations. They have slowly introduced now what Google has introduced between 2016 and 2018 and Google has not been standing still ever since.
@Frankel is also spamming an article where the uBlock Origin dev says that his Chromium version of uBO is inferior to the Firefox version of his extension (Need I care? Brave‘s native adblocker has none of the issues Raymond Hill lists there, I don‘t even need uBlock Origin, unlike Firefox, which does need a bandaid since it is not blocking ads itself). @Frankel also claims that automatic Google log-in is an issue on Chromium-based browsers, except it‘s not. Only Google Chrome has that issue, and if you ask me, IF you care about your privacy but have Google account for various things and you also use Chrome, you are doing it wrong.
Funniest thing is, @Frankel also recommends „Canvas Blocker“ which means he knows nothing about the statistical nature of fingerprinting and fails to realize that Firefox has RFP (which deals with Canvas). He doesn‘t even know all that much about the product he so eagerly promotes here.
Brave is not a browser you should touch with a wooden pole, so I’m not sure the rest of your opinion counts.
@Frankel Don’t waste your time with Firefox, Chromium or Brave are the future.
Who is not joining Chromology and Braveology is left behind by the modern web.
Believe in the browser revolution, supported by the mighty Maiden resource of security holes inside Firefox.
MBGA – Make browsers great again!
Can you ever stop being a shill of Chromium? People like you and the majority are contributting towards Google’s monopoly over the web and making it stronger as the time goes on.
Nah, I am just an opposing opinion to yours. Ever heard of Yin and yang?
I leave it to the mature readers and historians to figure out which one of us is right.
I just love when people use “madaidan” as valid source and their fallacies are appeal to authority such as the “famous” madaidan himself, only quoting 2015-tier old twitter sources and other outdated, today-irrelevant FUD.
Let the past rest, until I see a Chrome fork that is as good as TOR, I won’t even flinch in my Firefox armchair.
@Frankel
This is not about “opinion”, buddy. You should learn to tell apart “fact” and “opinion”. It is a fact that Firefox lacks certain exploit mitigations which Chromium does have, there are no ifs and buts about it. You can go look at the source code and verify yourself if you want to.
> outdated, today-irrelevant FUD
It’s neither outdated nor irrelevant nor is it “FUD”. Just because something is from 2015 does not render it irrelevant if the problem still persists. Your remark would have some merit to it if madaidan had posted this article in 2015 and then walked away, never to update it again. But that’s not what happened, right? He is frequently updating the article whenever there is some half-assed attempt by Mozilla to actually get their spaghetti code in order (like in the case of “Project Fission”, which still suffers from cross-site leaks despite touting site isolation). You should be concerned about the fact that some aspects of Firefox that should have been reworked by now haven’t been touched for so long, but I suppose it is easier to take a dump on madaidan when you don’t want to face the facts,
That security is a relevant topic and that facts, by their very nature, can’t be FUD, needs no further elaboration, I think.
> until I see a Chrome fork that is as good as TOR
Dear Firefox armchair general, there are two main reasons why Tor is based on Firefox:
1) The simple fact that the Tor Browser Bundle predates Chromium. Since Internet Explorer was closed source and thus out of the picture, Firefox was the only viable option back then. Ever since, loads of patches have been written by the Tor Project, all tailored towards Firefox. Rebasing Tor on Chromium would require them to rewrite all of their patches and that’s some mammoth project to be sure.
2) The Tor team has indicated that Google is not willing to cooperate with them whenever they want something to be fixed and / or maintained upstream, so they would have to tackle various issues downstream, in their fork of the code. Since this makes merging newer Chromium releases more complicated, and since their manpower is limited, they tend to use the upstream source that is more willing to cooperate (Mozilla in this case), but that does not by itself disqualify Chromium. It just means they have have manpower issue and rely on a cooperative upstream project. The Tor Project would just have to be able and willing to tackle things downstream, and Chromium could be used no problem.
It is basically admitted to that being based on Chromium would improve Tor’s web compatibility and overall resistance against exploits, but the two issues above are stumbling blocks. However, in principle, Tor could be based on Chromium not least because the Chromium code itself is open source and transparent.
Funny that you explicitly mention Tor here btw, do you know how specifically targeted Tor users get de-anonymized? Mostly by direct hacking attempts, i.e. Firefox exploits. And some of these exploits were fairly trivial, so Tor is not the best example to support your case considering how specifically targeted Tor users got de-anonymized for the most part.
Luckily, you have dropped your bias allegations against madaidan, apparently ever since you’ve realized that he is working on Whonix and thus is also working with the Tor Browser Bundle everyday, which is based on Firefox. So if anything, he should be biased towards Firefox… However, he says that the security of Firefox sucks and sucks badly, what does that tell you? Remember, he is working with that code everyday… and he thinks it SUCKS.
@Iron Heart
You are right bro, Frankel just needs to trust in the mighty
Maiden Insecurities: maiden-insecurities(.)github(.) io
page which says all loud and clear why Firefox is outdated and should be abandoned. Under our new leadership of Braveology we will change the course of how to type addresses into a browser address bar!
Lets rock together! Be Brave, go to Brave, join Braveology!
We’d have to be brave to run Brave?
OK, “be Brave” with a capital B, nevertheless spoken only brings a smile :)
Sorry, I couldn’t resist. Nothing to do with a browser’s qualities.
I’m not your buddy, mate. You keep forgetting that using 7 year old arguments on some guys website that merely quote others about past time, long ago sandboxing issues have 0 relevancy today. Yet you cannot debunk that the newcomer Chrome with less years around has more issues.
Chrome’s code is bloated like Windows, there are over 41 tracking APIs that MS removed or replaced. All of that in Chrome is an attack surface. The entire browser is such a botnet that I would not even touch it with a stick. Removing the tracking alone will not debloat it, au contraire mon camarade.
Removing code also requires to patch the functions that call it. I haven’t seen any paid audit yet of a fork, but I am sure you can come up with another strawman by putting words in my mouth. After all deconstructing a made up stawman is easier than for once, just for a single time taking stance to the actual subject brought up.
>I’m not your buddy, mate. You keep forgetting that using 7 year old arguments on some guys website that merely quote others about past time, long ago sandboxing issues have 0 relevancy today.
You keep making claims without any substance. 7 years old? The issues are still relevant today
>Yet you cannot debunk that the newcomer Chrome with less years around has more issues.
…expect Iron Heart did it? You keep ignoring the popularity of Chromium compared to Firefox, the creation date doesn’t matter
>Chrome’s code is bloated like Windows, there are over 41 tracking APIs that MS removed or replaced. All of that in Chrome is an attack surface. The entire browser is such a botnet that I would not even touch it with a stick. Removing the tracking alone will not debloat it, au contraire mon camarade.
Very subjective claim
>Removing code also requires to patch the functions that call it. I haven’t seen any paid audit yet of a fork, but I am sure you can come up with another strawman by putting words in my mouth. After all deconstructing a made up stawman is easier than for once, just for a single time taking stance to the actual subject brought up.
The only one that uses strawmans and consistently moves the goalposts is….you :)
I’m not your mate, pal
Goodness gracious, can we get a limit on Iron Heart post lengths, these spam walls of nonsense text are really dragging the site down and making it stink. How many times do we need intense dissection, line by line, of the comments of anyone who knows better than Iron Heart. How many times do we need a spammed link to a seven year old article by a one-eyed disgruntled-with-mozilla-and-tor-project developer with a chip on his shoulder (he got in a public spat with a moz dev), who is being an absolute purist in the strictest sense of the word. Security patches do not work in isolation, security is a many layered – and it cannot really be quantified.
For all intents and purposes, both desktop browsers are very secure considering all they do, and within 0.00001% of each other. i.e 99.99999% of users will never get bitten.
Also, size of the userbase !== more secure either. There is only so much scrutiny, fuzzing, linting etc that can be done. Just because chromium has 10x more users, does not mean it is built 10x better. Mozilla are just as capable in this regard. And once you have x amount of users, targets are always juicy. If Firefox was such as easy weak target, then why aren’t there more zero-days and CVEs. The answer is because, it’s secure, as in multi-layered, and in the same ball park of the upper 1/10 of a percentile with chromium
If anything, chromium’s excessive amount of zero days the last two years and lack of fixing C/C++ issues, is a concern.
Am enjoying my very private, fully network partitioned, fully site data partitioned, navigational tracking blocked, secure Firefox and loving
But seeing an update every once or twice a month that you use your browser is what you want, not actual time spent using it!