Firefox 105 is out: here is what is new
Mozilla published Firefox Stable and Firefox ESR updates on September 20, 2022. Firefox 105 Stable and Firefox 102.3 ESR are the new versions that are now available.
The main improvement in Firefox 105 is the better handling of low-memory situations on Windows and Linux, resulting in fewer crashes.
Firefox development versions receive updates around the same time. Firefox Beta and Developer editions move to Firefox 106, and Firefox Nightly to version 107.
Executive Summary
- Firefox 105 and Firefox 102.3 ESR fix 7 security issues. The severity rating is high.
- Firefox 91 ESR is no longer supported. Firefox 91.x ESR will be upgraded to Firefox 102 ESR automatically.
Firefox 105 download and update
Firefox 105 Stable updates become available on September 20, 2022. Note that they may not yet be available when you are reading this article, as it is published early on September 20.
Most Firefox installations receive the update automatically thanks to the built-in updating feature of the browser. The update may not happen immediately though. Users may select Menu > Help > About Firefox to run a manual check for updates.
Firefox displays the installed version and checks for updates. Updates that are found will be downloaded and installed.
Direct downloads are also available, follow the links below to Mozilla's download website, to download the new version of the browser.
- Firefox Stable download
- Firefox Beta download
- Nightly download
- Firefox ESR download
- Firefox for Android on Google Play
Firefox 105.0 new features and improvements
Firefox 105 is a smaller release that is a bit light on new features. One of the main changes in Firefox 105 is that Mozilla managed to reduce the number of out-of-memory crashes of the browser on Windows significantly in the release.
The, rather simple sounding tweak, ensures that the browser's main process is not touched when the system runs out of memory. Instead, content processes are first on the chopping block to free up memory. Killing the main process kills the entire browser, while the termination of content processes crashes only the webpage open in it.
Similarly, Mozilla notes that it has improved the out-of-memory behavior of the Firefox browser on Linux as well:
Firefox is less likely to run out of memory on Linux and performs more efficiently for the rest of the system when memory runs low.
Other changes and fixes
- The print preview dialog has an option to print only the current page directly from it.
- On touch-based Windows devices, Firefox supports swipe to navigate touch gestures now (two fingers on a touchpad swiped left or right to perform history back or forward).
- Improved touchpad scrolling on macOS.
Developer
- Searching in large arrays is two times faster in Firefox 105 thanks to the replacing of array.includes and array.indexOf with an optimized SIMD version.
- Firefox is compatible with the User Timing L3 specification.
- Firefox supports partitioned service workers in third-party contexts.
- Support for defining persistent scripts using scripting has been added.
- The TextDecoderStream and TextEncoderStream interfaces, part of the Encoding API, are now supported,
- Support for the Offscreen Canvas DOM API with full context and font support
Enterprise changes
Known Issues
none listed.
Security updates / fixes
Security updates are revealed after the official release of the web browser. You find the information published here after release.
Firefox 105 Stable fixes seven security issues in the web browser.
Outlook
Firefox 106's release data is October 17, 2022. Firefox ESR 102.4 will be released on the same day.
Firefox extension reviews and news
- Bypass Paywalls Clean browser extension review
- GNU LibreJS for Firefox blocks non-free non-trivial JavaScript
- Google Teller: browser makes a noise whenever Google gets data
Recent Firefox news and tips
- Firefox Relay: integration in Firefox, phone number forwarding and new price
- Firefox 105: number of out-of-memory crashes significantly reduced
- Firefox 104.0.2 fixes a crash, media playback and touch issues
- Firefox 104.0.1 fixes YouTube playback issues
- How to analyze the power usage of websites in Firefox
Additional information / sources
- Firefox 105 release notes
- Firefox 105 for Developers
- Firefox for Enterprise 105 - release notes
- Firefox Security Advisories
- Firefox Release Schedule
Martin’s Articles:
Executive Summary
> Firefox 105 and Firefox 102.3 ESR fix 7 security issues. The severity rating is high.
> Firefox 91 ESR is no longer supported. Firefox 91.x ESR will be upgraded to Firefox 102 ESR automatically.
Security issues in “Firefox ESR 102.3” are issues specific to that version.
Mozilla Foundation Security Advisory 2022-41
Security Vulnerabilities fixed in Firefox ESR 102.3 — Mozilla
https://www.mozilla.org/en-US/security/advisories/mfsa2022-41/
Its issues are irrelevant to “Firefox ESR 91.13”.
Just because a browser support expires does not mean that it will be updated to a new version.
If you have “Automatically install updates (about:preferences#general)” enabled, it will automatically update to a new version after compatibility checks are completed or when a security patch version is needed.
Currently, Firefox ESR 91.13 will not be upgraded to 102.x (although it will eventually be updated within a few weeks).
Martin’s Articles:
Executive Summary
> Firefox 105 and Firefox 102.3 ESR fix 7 security issues. The severity rating is high.
> Firefox 91 ESR is no longer supported. Firefox 91.x ESR will be upgraded to Firefox 102 ESR automatically.
Security issues in “Firefox ESR 102.3” are issues specific to that version.
Mozilla Foundation Security Advisory 2022-41
Security Vulnerabilities fixed in Firefox ESR 102.3 — Mozilla
https://www.mozilla.org/en-US/security/advisories/mfsa2022-41/
Its issues are irrelevant to “Firefox ESR 91.13”.
Just because a browser support expires does not mean that it will be updated to a new version.
If you have “Automatically install updates (about:preferences#general)” enabled, it will automatically update to a new version after compatibility checks are completed or when a security patch version is needed.
Currently, Firefox ESR 91.13 will not be upgraded to 102.x (although it will eventually be updated within a few weeks).
I find Firefox works fine on Windows or Mac OS. Never liked how it worked as a Snap package on Ubuntu, maybe Mozilla has worked on this?
“Firefox 91.x ESR will be upgraded to Firefox 102 ESR automatically.”
I have all automatic updating disabled via Firefox policy templates (creates options in Group Policy Editor in Windows). So after taking a Macrium image to fall back on if needed/wanted, manually installed/updated 91.13 ESR to 102.3 ESR (downloaded from Firefox FTP site).
All appears to be working normally with the exception the minimize/maximize/close buttons are no longer visible in full screen mode. So either have to drop out of full screen mode to see/use them or use keyboard shortcut ALT+Space bar.
Otherwise went through all settings and disabled a few unwanted new ones (ex. some suggestions under Privacy and Security). Also enabled the dark mode option for website appearance (under General) which is a welcome addition that makes some websites display content in dark mode. However it does not work on all websites. Overall I’m happy with the new version and will stay with it and probably tweak and update a few things as needed.
Restored the Macrium image and went back to 91.13 ESR. The minimize/maximize/close button issue is a constant annoyance. Did not find any solutions after an extensive Internet search. But did find that it may be a past bug that has returned again.
However the bigger issue and deal breaker at the moment is the new 102.3 ESR is once again generating connections to Google and Akamai on startup, despite using about:blank as a home page and extensive prior configuration changes and hardening to prevent such connections. Going through all the settings so far there does not appear to be an obvious culprit. So will stay on 91.13 for the time being until I have adequate time (and patience) to test 102.3 further and track down where these connections are coming from. I do NOT want any type of outbound connection happening for any reason when launching the browser to a blank home page.
Finally had a chance to look further into the connection issue with 102.3 ESR and found the primary culprit was: contile.services.mozilla.com.
It’s a Mozilla Tile Service that supports tiles on the new tab page and appears to have been implemented starting with FF 94. However it’s strange that it makes a connection even though I never use the new tab page, only about:blank for both home page and new tab. Added it to my blocking hosts file that already has numerous other unneeded/unwanted Mozilla domains.
Also found the two connections below are Google cache servers for Chrome updates and also the Widevine plugin in Firefox. The connections have stopped after I went into about:addons then clicked the gear icon and “Reset all add-ons to update manually”.
redirector.gvt1.com
r5—sn-5uaezne6.gvt1.com
Still have the issue with minimize/maximize/close buttons that are no longer visible in full screen mode. It is either a bug and hopefully will be fixed in a future update. Or it could possibly be due to something with my Windows theme and using Classic Shell/Open Shell on Windows 8.1 that I will need to troubleshoot further.
But at least all is quiet again and no outbound Internet connections when ESR 102.3 is first started to about:blank.
@Mothy
> However the bigger issue and deal breaker at the moment is the new 102.3 ESR is once again generating connections to Google and Akamai on startup
Go to about:networking
Tell us what connection to Google / Akamai you see, the name of the connection I mean. Maybe we can help you.
Correction, 16+ with 17 coming next month.
Why Firefox 105 arrived first on Linux and after on Windows?
Hey Martin. I’m happy to see that you’re still groovin’ along after 17+ years.
You’re still my go-to for Firefox and Tbird stuff, and I appreciate that you are still loyal.
I am however, sorry that trolling has infected your replies as it has every corner of the Internet that provides the opportunity to do so.
Opinions are fine, free speech is great, but trolling is defined.
“In Internet slang, a troll is a person who posts inflammatory, insincere, digressive, extraneous, or off-topic messages in an online community (such as social media (Twitter, Facebook, Instagram, etc.), a newsgroup, forum, chat room, online video game, or blog), with the intent of provoking readers into displaying emotional responses, or manipulating others’ perception. This is typically for the troll’s amusement”
-Wikipedia.
Sincerely,
A friend from the past of the original content creators.
Calling people trolls but not saying whom you mean is nothing but spineless, Ken.
Nothing in @Ken Saunders comment that addresses anyone in particular. Emphasizing on a Web-pain, that of trolling, is simply expressed here in general terms. Who’d disagree, besides trollers?
You know, you have say ten persons walking in front of you, you yell “Hey, idiot” and you’ll always almost have at least one of the ten tu turn around but worse to complain that you’ve called him an idiot, sometimes worse, à la ‘Taxi Driver’ : “you talkin’ to me?”. I mean, what to reply? LOL.
I don’t want to use this anymore. Opt out
>Firefox 91 ESR is no longer supported. Firefox 91.x ESR will be upgraded to Firefox 102 ESR automatically.
hooray! time to put off downgrading for three weeks until i can make sure my profile works!
ESR user got left out in the cold in this article :(
“Firefox 91.x ESR will be upgraded to Firefox 102 ESR ‘automatically’.” … IF your settings allow it, mine do not.
ESR 102.3 changes here “https://developer.mozilla.org/en-US/docs/Mozilla/Firefox/Releases/102”
ESR 102.3 Security fixes here “https://www.mozilla.org/en-US/security/advisories/mfsa2022-41/”
I think that Firefox ESR is better than Firefox in so many ways that I can’t understand why it’s not the official version for all people. No problem here for years. Thanks for the article. :]
> I think that Firefox ESR is better than Firefox in so many ways that I can’t understand why it’s not the official version for all people.
As a reference to you,
Choosing a Firefox update channel | Firefox for Enterprise Help
https://support.mozilla.org/en-US/kb/choosing-firefox-update-channel
Firefox ESR release cycle | Firefox for Enterprise Help
https://support.mozilla.org/en-US/kb/firefox-esr-release-cycle
ESR Landing Process – MozillaWiki
https://wiki.mozilla.org/Release_Management/ESR_Landing_Process
Firefox now includes downgrade protection to prevent corruption of user profile data. Starting with Firefox 68 ESR, you’ll be prompted to create a new Firefox profile if you previously used a higher version of Firefox (read this to learn more).
https://support.mozilla.org/en-US/kb/dedicated-profiles-firefox-installation#w_what-happens-to-my-profile-if-i-downgrade-to-a-previous-version-of-firefox
I don’t understand why if I add cookie exceptions for websites through Group Policy, ETP switches to Custom mode.
@Shiva, are you referring to about:policies#documentation / Cookies ?
Documentation of this policy is at [https://github.com/mozilla/policy-templates/blob/master/README.md#Cookies] as you probably know.
This policy has several preferences some of which, if incorrectly set, may possibly trigger ETP do adopt the Custom mode. Other than that no idea given I use First-Party Isolation and Custom mode for ETP : pref(“browser.contentblocking.category” = “custom” … which is apparently what you searching to avoid.
Hi @TomH,
I use ‘Strict’ mode set by default from user.js.
At first I entered the exceptions using the related entry with the policy-templates of the site you mentioned. I also tried to use policies.json via ‘Enterprise Policy Generator’ extension:
{
“policies”: {
“Cookies”: {
“AcceptThirdParty”: “from-visited”,
“Block”: [
“……”,
“……”,
],
“Default”: true,
“ExpireAtSessionEnd”: true
}
}
}
If I delete “AcceptThirdParty” or “Default” nothing seems to change, but if I also delete “ExpireAtSessionEnd” the sites are not included in the exceptions. I’ll look at the documentation now, this is the first time.
@Shiva,
I’m no expert on this like Tom and Iron, but I learned in the past to make sure that the ‘clear history at session end’ custom policy was not also set, and if it was that cookies was not part of it. I found that this conflicted with any of my whitelisted cookies. Hope this is helpful.
@Andy Proug
Thanks for the suggestion, but I did not configure the cleanup settings through Group Policy. I also tried with a clean new profile, but if I enter the exceptions I always switch to Custom.
Pardon, I left out a “,” now I see the sites entered without all other options:
{
“policies”: {
“Cookies”: {
“Block”: [
“……”
“……”
]
}
}
}
@Shiva
It’s probably easier to achieve this via extensions like Cookie AutoDelete, or right in the Firefox settings under about:preferences#privacy instead of an enterprise policy, mate.
@Iron Heart
As far as I know Cookie AutoDelete does not support Strict mode. To me it seemed rather convenient instead of manually entering exceptions in two profiles.
Also, I have a dedicated menu on FreeCommander where I enter various files related to settings to be quickly opened with Notepad++ (like policies.json).
Extension Forget Me Not has strict mode
Firefox is better than Brave.
Ill switch to whatever browser keeps working on uBlock.
Firefox compiles more easily than Brave. But there’s a lot of stuff that Brave does better, including anti-fingerprinting. And by default, Brave doesn’t send any information to Google’s servers. If you want a better version of Firefox, I would try Librewolf, or try using Firefox with the Arkenfox user.js.
If you are using a Debian-based Linux distro and you have the ability to find and install the “Abrowser” package from the Trisquel project, that is also a more private version of Firefox, as is the “Firedragon” browser from Garuda Linux which is a Librewolf fork. But Abrowser and Firedragon are going to require a bit of technical skill to get them up and running.
Default Firefox sends tons of information to google’s servers, and should not be considered a terribly good browser in terms of privacy.
I can’t imagine using Firefox without the arkenfox user.js!
I wonder and worry about the people (And I am certain there are many!) who are using Firefox ‘as is’…….
@Dennis
Firefox also hijacks your DNS provider, replacing whatever your ISP provides you with Cloudflare(!). Cloudflare is a tracking network perhaps only behind Google and Facebook. Mozilla claims they have an “agreement” with them re. Firefox user data, however I don’t trust agreements I have not been part of.
You can look under about:support and if you see “DoH Roll-Out” within your extensions there, then your DNS provider could have been changed (real talk: hijacked). You can disable this by setting “network.trr.mode” to 5. arkenfox, although it mentions the setting in the user.js, does not do that for whatever reason, as if Cloudflare is always the better option vs. your ISP, which I certainly don’t believe it is.
There is some stuff you need to look at, user.js file or not. More info here, other countries are now affected as well, not only the US by the way:
https://thehackernews.com/2020/02/firefox-dns-over-https.html
Are there any DNS providers that really are not tracking their users?
I’m rather dependent upon my VPN (ExpressVPN) for DNS so Cloudflare it is!
They *say* I’m not tracked, so there’s that…..
https://developers.cloudflare.com/1.1.1.1/privacy/cloudflare-resolver-firefox/#what-information-does-the-cloudflare-resolver-for-firefox-collect
> Firefox also hijacks your DNS provider, replacing whatever your ISP provides you with Cloudflare(!).
Values and preferences are unique, and there are three different ways (Each man has a character of his own) of seeing and perceiving things. After all, we cannot rely on the opinions of others.
DNS-over-HTTPS (DoH),
We can be configured in a variety of ways at the end user’s discretion.
It is important to first check the official FAQs to make sure you understand the situation correctly.
DNS-over-HTTPS (DoH) FAQs | Firefox Help
https://support.mozilla.org/en-US/kb/dns-over-https-doh-faqs
@Dennis
ExpressVPN is owned by Kape Technologies, a British advertising company. Yes, I know, they don’t exactly advertise this fact on the front page – go look it up. More likely than not they collect and monetize your data in the background as that’s the business model of their parent company. This list of VPNs seems sensible:
https://www.privacyguides.org/vpn/
@Iron Heart
> although it mentions the setting in the user.js, does not do that for whatever reason
Its such a tragic comedy at this point, like “hey bro, i heard you like bad defaults, so i got you some bad defaults to not fix those bad defaults for you… trust us bro please bro just keep trusting us :'( lol”
A bottomless pit of gullibility, insane.
And, hum … [https://img.justpaste.me/i/20220920/oadld/MyMyMyMy.jpg]
—
Firefox is updated to 105.0
Methinks you are trying to start a flame war. For shame, anon. ;-)
@Anonymous
Hey Anonymous, we all know you’ll be switching to Brave eventually.
I hear the kindergarten you go to has already made the transition, so it’s only a matter of time until you follow suit.
Brave is spyware. Enjoy. I’ll be using Firefox.
@Guest
> Brave is spyware.
You already made that claim repeatedly here and you could not substantiate it:
https://www.ghacks.net/2022/09/09/ublock-origin-minus-an-experimental-manifest-v3-compatible-extension/#comment-4548175
It’s getting embarrassing, you know.
> I’ll be using Firefox.
Cheerleading for Firefox while spreading misinformation about Brave? Totally unexpected. /s
Enjoy Firefox which connects more to Google than Brave does: https://www.ghacks.net/2022/09/19/dont-use-chromes-and-edges-enhanced-spellcheck-features/#comment-4549223
Brave is better than Firefox but Iron Heart is better than Brave.
@IronHard Firefox is better than Brave.
O_O ok