Firefox 44: Find out what is new

The official release data of Firefox 44 is January 26, 2016. This overview provides you with detailed information about the new release including new features and changes in the desktop version of Firefox and the Firefox version for Android.

Mozilla updates all channels of the browser that it makes available at the same time. This means that Beta, Developer Edition, Nightly and Firefox Extended Support Release channels will be updated as well.

This means the following version changes: Firefox Beta 45, Firefox Developer Edition 46, Firefox Nightly 47 and Firefox ESR 38.6.

Information below cover only Firefox Stable for the desktop and Android, and no other release channel of the browser.

Executive Summary

• Add-on signing is again delayed and will be enforced in Firefox 46 Stable. The main reason given for the delay is the introduction of the temporary loading of unsigned add-ons in Firefox 45.

Firefox 44 download and update

Firefox 44 will be released on January 26 by Mozilla. Firefox is configured to download and install updates to the browser automatically, and if that is the case, users don't need to do anything to upgrade to the new version.

Since the update is not picked up in realtime, some users may want to run a manual check for updates in Firefox to download it as soon as it becomes available. This is done in the following way:

1. Tap on the Alt-key on the keyboard.
2. Select Help > About Firefox from the menu.

Firefox checks for updates manually then, and will prompt to download the update or download it automatically depending on its update preferences.

All versions of Firefox can also be downloaded directly from Mozilla. Please note that it may take a while before the new versions become available as downloads on Mozilla's website.

1. Firefox Stable download
2. Firefox Beta download
3. Firefox Developer download
4. Nightly download
5. Firefox ESR download

Firefox 44 Changes

Firefox 44 is a rather uneventful update for the most part. It is the first version of the browser that will enforce add-on signing in the stable version of the browser.

As you may know, Firefox 43 offered a configuration switch to override the enforcement, and Firefox 44 will continue to offer the switch. In fact, Mozilla postponed the enforcement of add-on signatures in stable and beta builds to version 46 of the browser.

This means that you cannot load add-ons in Firefox Stable anymore that are not signed. 

Video Support improvements

• Enable WebM/VP9 video support on systems that don't support MP4/H.264
• Enable H.264 if system decoder is available

Information is scarce at this point, and Mozilla failed to link to a bug report that would shed some light on the changes.

The most like explanation is that Mozilla will set media.mediasource.webm.enabled in Firefox to true.

It means better support for HTML5 video in Firefox, especially on operating system versions that don't support Mp4/H.264 natively.

Improved warning pages for certificate errors and untrusted connections

Firefox's new warning page uses less text and a clear "go back" call to action. A click on advanced displays information about the issue (which the old warning page listed under technical details).

There you find an option to add an exception to access the site nevertheless (formerly under "I understand the risks").

Basically, less text on the page but all important information are still there. Plus, the message "your connection is not secure" is more direct than the old "this connection is untrusted".

Other changes

• RC4 temporary whitelist is disabled in release versions of Firefox and no longer used. [bug 1201025]
• Support for Brotli compression algorithm has been added. [bug 366559 and bug 1211916]
• Warning page when RC4 is the only supported cipher.
• Firefox will no longer trust the Equifax Secure Certificate Authority 1024-bit root certificate or the UTN - DATACorp SGC
• To support unicode-range descriptor for webfonts, font matching under Linux now uses the same font matching code as other platforms
• Firefox uses a SHA-256 signing certificate for Windows builds as recommended by Microsoft.

Developer Changes

• Allow about:pages to load remote content. [bug 1204983]
• Size restrictions for extension icons to prevent too large toolbar icons from deforming the toolbar. [bug 1208715]
• MediaStream.stop() has been deprecated, MediaStream.addTrack()/removeTrack() have been added. [bug 1103188]
• Visual tools for Animation and Layout & Styles have been improved.
• WebRTC interfaces have been unprefixed: in particular mozRTCPeerConnection is now RTCPeerConnection, mozRTCIceCandidate is now RTCIceCandidate, and mozRTCSessionDescription is now RTCSessionDescription.

Firefox for Android

• Support added for urls with the mms protocol (multimedia messaging service).
• Long-press on search label in "quick search bar" opens customize search providers.
• Firefox users are prompted when "intent URLs" are about to be opened in private browsing tabs.
• New web-based Firefox accounts page.
• Support for cloud printing using Android print service.
• Users may set their homepage when starting Firefox.

Security updates / fixes

Security updates are disclosed after the official release. We update the article as soon as they become available.

• MFSA 2016-12 Lightweight themes on Firefox for Android do not verify a secure connection
• MFSA 2016-11 Application Reputation service disabled in Firefox 43
• MFSA 2016-10 Unsafe memory manipulation found through code inspection
• MFSA 2016-09 Addressbar spoofing attacks
• MFSA 2016-08 Delay following click events in file download dialog too short on OS X
• MFSA 2016-07 Errors in mp_div and mp_exptmod cryptographic functions in NSS
• MFSA 2016-06 Missing delay following user click events in protocol handler dialog
• MFSA 2016-05 Addressbar spoofing through stored data url shortcuts on Firefox for Android
• MFSA 2016-04 Firefox allows for control characters to be set in cookie names
• MFSA 2016-03 Buffer overflow in WebGL after out of memory allocation
• MFSA 2016-02 Out of Memory crash when parsing GIF format images
• MFSA 2016-01 Miscellaneous memory safety hazards (rv:44.0 / rv:38.6)
• MFSA 2015-153 HTML injection in homescreen app bypassing DOM sanitizer
• MFSA 2015-152 Lockscreen passcode bypass due to race condition
• MFSA 2015-151 Lockscreen delay bypass in Firefox OS

Additional information / sources

• Firefox 44 release notes
• Firefox 44 Android release notes
• Add-on compatibility for Firefox 44
• Firefox 44 for developers
• Site compatibility for Firefox 44
• Firefox Security Advisories