The Tuesday release of Firefox 40 comes with Windows 10 support, expanded protection against unwanted software downloads such as malware, and several security fixes – additionally, add-on extensions that are not signed by Mozilla will display a warning.
Among the critical vulnerabilities addressed in Firefox 40 are “two integer overflows in the libstagefright library that could be triggered by a malicious ‘saio' chunk in an MPEG4 video,” as well as an integer overflow when parsing an invalid MPEG4 video, and a buffer overflow when parsing an MPEG4 video with an invalid size in an ESDS chunk, an advisory said.
All of the aforementioned vulnerabilities could lead to potentially exploitable crashes and enable remote code execution, as could some of the critical miscellaneous memory safety hazards outlined in a separate advisory.
Two buffer overflow issues identified in the Libvpx library when decoding a malformed WebM video file were deemed critical as they could lead to potentially exploitable crashes, and the same goes for a use-after-free bug in how audio is handled through the Web Audio API during MediaStream playback.
Aside from having a brand new appearance in Windows 10, Firefox 40 brings a safer add-on experience. Noting an uptick in extensions that modify settings without user consent, Mozilla has developed a set of guidelines that all add-on developers must follow.
“[Mozilla has] come up with extension signing, which will give us better oversight on the add-ons ecosystem while not forcing AMO to be the only add-on distribution channel,” a blog post said, going on to add that after 12 weeks “it will not be possible to install unsigned extensions in Release or Beta versions of Firefox. There won't be any preferences or command line options to disable this.”
Additionally, Mozilla has expanded malware protection in Firefox 40.
“Firefox 40 now issues a warning if you visit a page known to contain deceptive software that can make undesirable changes to your computer,” a separate blog post noted.