Firefox 12 Debuts With Silent Update Mechanism

Mozilla has released version 12 of Firefox and the big change in the popular browser is the inclusion of a new update mechanism that will allow users to enable automatic updates that won’t require user interaction. The mechanism is similar to what Google Chrome has and is part of a trend toward taking some of the responsibility for patching out of users’ hands.

Mozilla has released version 12 of Firefox and the big change in the popular browser is the inclusion of a new update mechanism that will allow users to enable automatic updates that won’t require user interaction. The mechanism is similar to what Google Chrome has and is part of a trend toward taking some of the responsibility for patching out of users’ hands.

“A new update installation method allows Firefox to install an update while the browser is running. This means that the update can be installed immediately after it is downloaded. A restart of the browser is still required to apply the update but, using the new method, the application of the update will happen very quickly. So quickly, in fact, that you shouldn’t even notice it. The new version of Firefox will then launch with no delay as the update procedure has already taken place,” Mozilla‘s Lawrence Mandel said in a blog post earlier this year. 

For most users, the best part of the new updater in Firefox will be the removal of the Windows UAC prompt before the installation of the updated browser can proceed. Right now, users need to click through the dialog box from Windows, giving Firefox permission to install the new browser. With Firefox 12, once the user gives the application permission to install updates automatically, that’s the last time he’ll have to worry about it.

All of the major browsers used to have much less-frequent updates, releasing one or two versions a year at most. But that’s changed, with Google updating Chrome as often as twice a month sometimes and Mozilla moving to a similar frequent-update plan. Microsoft still releases new versions of Internet Explorer on a less frequently, but patches the browser regularly.

The idea behind Mozilla’s change is to make it easier for users to get the most secure version of the browser without having to go seek it out.

“You get your updates with less hassle and interruption and, when some legitimately scary piece of software is detected by UAC, you’re less likely to have learned to just click it away idly,” Mozilla’s Jonathan Nightingale said in a blog post.

“None of the work I’m describing here takes away your ability to control updates, of course. You can choose to be prompted for each update if you want, but for most people that’s just a nuisance. And on fresh installs, when Firefox really *is* a new program on the system, UAC will always double check that you actually meant to install it.”

Suggested articles

Drupal.org Resets Passwords After Data Breach

The Drupal Association is urging all users of Drupal.org and groups.drupal.org to reset their passwords after discovering an intrusion that breached files holding usernames, e-mail addresses, countries and hashed passwords. Sites that run on Drupal do not appear to be impacted, though the organization stressed an ongoing forensic review may reveal more details and victims. […]

Discussion

  • Rob on

    Yet another process running on the system. ARRRGGGGHHHH

     

  • Brownout on

    Good news everyone! Now you have part of your browser running as a high privileged service, what could possibly go wrong?
  • Adam Komar on

    "I prefer to know what's being installed on my computer and when", he says while hypocritcally using Chrome.

  • Anonymous on

    these days my firewall is more important blocking things from getting out

    than getting in

  • Roger on

    I've been using Firefox since it was Phoenix, and helped to get it accepted over MSIE at three workplaces. The idiotic "frequent update" policy has resulted in it being withdrawn at my current work, and very nearly resulted in me switching to Opera.

    But rejoice! There is now a version called ESR that won't suffer from frequent updates! In fact apart from security hot fixes they promise to only update it once a year.

    It's supposed to be for "Enterprise" users who don't like their security posture being periodically randomised and their enterprise apps stop working, but it can also be downloaded by any regular Joe who doesn't like having all his extensions break every 6 weeks.

    Unfortunately, the oldest ESR version is "version" 10, where it has already jumped the chrome shark and veered away from the Firefox philosophy of lean, minimal attack surface with all the frippery and cruft in optional extensions. But at least you can stay a few months behind the bleeding edge.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.