Mozilla Firefox Browser Stable Version Releases

Typically, I am a Chromium user and avoid Firefox generally. However, for experimentation purposes today, I decided to use Firefox for fun/learning purposes and because it allowed me to disable e10s multiprocess to make it easier testing with just one firefox.exe process. This is just an experiment and running firefox.exe as a single process simply just made this experiment easier.

So I decided to try running Firefox (64-bit) as a Protected Process Full (WinTCB) - PsProtectedSignerWinTcb

Why? Well, why not, I suppose.




Process Hacker and Process Explorer cannot kill/terminate this firefox.exe process. None of my DLL injection tools are able to inject into this firefox.exe process either. Nice!


Working: General web browsing. Surprisingly, general web browsing is working without any issues. Opening new tabs, clearing memory, etc. All good.

Broken: Printing is not working. Flash Player is not working.

Note: MemProtect achieves these same memory sandbox restrictions, however, the benefit with MemProtect over this is the fact that you have full control over what is allowed or disallowed to communicate with the memory of the protected process.

Spoiler: How Did I Do This?

mimikatz.

Code:

Run mimikatz as Admin

To install mimikatz driver:
!+

To protect single firefox.exe process:
!processprotect /process:firefox.exe

To remove protected process status:
!processprotect /process:firefox.exe /remove

* if you wanted to do multiprocess, you would have to use the !processprotect /pid:111 command for each browser process but I have not tested this and it is likely to fail.

On a side note, downloading mimikatz is a great way to test the Windows Defender Browser Protection extension because it definitely triggers on that download.

I will try another day with multiprocess chrome.exe but it will be more difficult. Multiple processes within a browser such as Chrome may not be able to communicate properly in this state. But I will try some day when I have more time.

 

Interesting, perhaps you should post this in the MemProtect thread.

 

now that the esr version migrated to quantum too, what makes it any different than the latest stable release, other than getting the security fixes and not the cosmetic changes rapidly?

 

Have a look here:

https://www.ghacks.net/2018/05/08/firefox-60-and-firefox-60-esr-differences/

 

thanks, vic.

 

Not I, @stapp .

 

Of course not! It's for Mozilla's own data mining purposes.

 

When I was using FireFox it was something I had enabled. I always want my session restored, whenever I launch my primary browser.

But I can see that a lot of people would think differently. But, it's easy to disable.

 

I wouldn't like this to be enabled by default. Also with FF run under SBIE I don't think this would be possible at all.

 

What makes you think that? I like being able to resume previous sessions so that I don't have to open all of the same tabs again. I have extensions in Firefox and Chrome for that purpose.

 

This is a concern more generally; I've discovered that if I don't log out of some sites before closing the tab I will still be logged in the next time I access the site.

 

I'm not. I use Temporary Containers extension.

 

For instance try Facebook messenger - messenger.com. If I don't log out there before I shut down the computer I'll still be logged in the next day. The same appears to be true with Facebook.

 

it's due to cookies. set your browser to delete cookies after closing it and you will not be logged in next time you launch your browser. you can select which cookies to keep & delete.

 

Good decision! uMatrix - properly configured - can also prevent this.

 

my firefox do that automatically, weather its crashed or shut down by system. appreciated but not really needed.

grow up, this is nonsense... if you would believe it yourself i suggest a browser change! because mozilla would anytime collect telemetry, not only on startup.

same silly story about TRR = dns over https (DoH). its opt-in and has several modes to work.
https://gist.github.com/bagder/5e29101079e9ac78920ba2fc718aceec
and its NOT fixed to cloudflare...
https://developers.cloudflare.com/1.1.1.1/commitment-to-privacy/privacy-policy/firefox/
use quad9, google, symantec, opendns or any other you like to.