Firefox 78.0.2 brings security and screen reader fixes

Don Sharpe
by Don Sharpe
Author
Affiliate Disclosure
Share this article:

  • Firefox version 78.0.2 offers a security fix to an X-Frame-Options bypass vulnerability. 
  • The update brings non-security fixes to a Teams link issue and more bugs.
  • Have Firefox bugs been troubling your lately? Check out our Firefox Errors section for practical solutions!
  • Our Firefox page covers everything there's to learn about the browser. Be sure to visit it for optimization tips, news, and much more!
Firefox update fixes Teams link issue

User privacy and security features were among the key highlights of Firefox 78.0, which Mozilla released on June 30, 2020.  But the browser seems to have had a security vulnerability that’s now patched with update Firefox 78.0.2.

Firefox 78.0.2 security patch

Firefox 78.0.2 fixes a website framing bug.

If a website frames yours, it gets the ability to display your site’s content. But you can use the X-Frame-Options header to prevent other websites from doing that in Firefox.

However, it appears that someone could have used object or embed tags to override X-Frame Options in Firefox.

Mozilla explains:

Using object or embed tags, it was possible to frame other websites, even if they disallowed framing using the X-Frame-Options header.

Other fixes

Firefox version 78.0.2 offers non-security solutions too, including for a screen-reader bug. As Mozilla explains, the issue made it difficult for readers using the assistive tech to get to the content they want to read.

The reader-mode-processed content appears after the reader mode toolbar in the accessibility tree, which is a problem for screen-reader users because they have to wade through the toolbar (which unfortunately isn’t using the most semantic markup as it is) to get to the content every time.

In addition, the update resolves a problem causing an address bar malfunction on macOS. With this issue, the address bar failed to work if you typed something in it and pushed enter to get search results.

Mozilla had linked the problem to a corrupt or locked database, which caused the user’s favorite search engine not to work in the browser. The company then issued update ESR 78.0.1 to fix the bug on macOS, but that didn’t work.

Hopefully, Firefox 78.0.2 settles the address bar issue once and for all.

Also available is a patch for a problem whereby, if you received a Microsoft Teams link by email, you couldn’t open it in Firefox. The bug originated with the Firefox ESR 78.0.1 update.

How’s your experience with Firefox 78.0 so far? You may let us know via the comments section below.