Mozilla has released a new version of its Firefox browser that fixes 27 vulnerabilities. Six of them would allow an attacker to take over the computer without hardly any user interaction. Simply visiting a hacked or malicious website or viewing an infected advertisement can cause a computer to become infected.
The browser developer has also fixed several other bugs in Firefox 41 and added new features. One of the new features is the addition of the 'perfect forward secrecy' for WebRTC. WebRTC is an open source protocol developed by Google that adds Real-Time Communication (RTC) to browsers. To secure the communication, Firefox now requires applications that make use of WebRTC to use 'perfect forward secrecy' (PFS).
PFS generates a separate key for each session and message, which is deleted after each session. In case attackers compromise an encryption key they have no access to earlier messages and sessions of the user because each of them uses a different key.
WebRTC has been criticized for not properly protecting user privacy, with PFS, Mozilla hopes to tackle this issue.
Firefox users can update to version 41 through the automatic update feature of the browser or by downloading a new version from Mozilla.org.
