Major Browser Updates Address Security Flaws and Disable µBlock

Recent updates from Mozilla and Google have prompted significant changes in their web browsers, specifically Firefox, Thunderbird, and Chrome. Both companies have rolled out security patches to address vulnerabilities that could potentially be exploited by cyber attackers.

Mozilla's updates include releases for all currently supported versions of Firefox (versions 136, ESR 128.8, and ESR 115.21) and Thunderbird (versions 136 and ESR 128.8). The security advisories associated with these updates detail the vulnerabilities that have been fixed, some of which are classified as high-risk and could be misused for code injection. However, there are no indications that these vulnerabilities are currently being actively exploited.

On the other hand, Google has implemented fixes for 14 vulnerabilities in its Chrome browser, of which only nine have been briefly described. The remaining vulnerabilities were identified internally. Notably, only one of these vulnerabilities poses a high risk to users. As with Mozilla's software, users and administrators are advised to promptly install the latest versions of these browsers to enhance security.

A point of contention for many users is that upon restarting Chrome, they may receive a notification stating that the µBlock extension has been disabled. This action has drawn criticism, as many users rely on the ad-blocking functionality that µBlock provides.

Google has taken a firm stance against keeping the µBlock extension active, making it clear that users should remove it. The notification includes prominent options to disable or remove the extension. Nevertheless, users still have the option to reactivate µBlock by navigating to the extension management section, where a discreet toggle allows them to enable it again.

Upon reactivation, Chrome prompts users for additional confirmation, reiterating that the extension is no longer supported and suggesting its removal. Users must click an 'Activate' button for µBlock to return to functionality. So far, reports indicate that the extension operates without issues after being reactivated.

This move by Google aligns with its ongoing efforts to phase out extensions that utilize the old Manifest V2 interface, a policy that was first communicated to some users last October. This policy affects several extensions, but µBlock is among the most notable, given its popularity. The recent updates indicate a decisive shift in Google's approach to managing browser extensions.