CyberSecurityBoard
Sponsor Register Login

Firefox continues Manifest V2 support as Chrome disables MV2 ad-blockers

Firefox has not stated how long this support will continue, but as long as there are powerful add-ons enhancing user privacy and security, Mozilla should continue to have strong reasons to extend support for Manifest V2. The latest announcement renews this promise, maintaining Firefox as one of the few web browsers in the landscape to give users the freedom to continue using Manifest V2 add-ons. Mozilla has renewed its promise to continue supporting Manifest V2 extensions alongside Manifest V3, giving users the freedom to use the extensions they want in their browser. Manifest V3 is a Google-developed browser extension specification aimed at making add-on functionality in web browsers safer by restricting overly permissive network requests and remote content loading. As Manifest V3 enforcement is rolling out, extensions not compatible with it are being disabled from people's browsers, depriving users of the choice of functionality over risk. Although Microsoft Edge, Mozilla Firefox, and Apple Safari have all adopted MV3, they have done so with their own implementation modifications, allowing users greater freedom while still benefiting from the security enhancements. Still, support for MV2 is the only way to go for older add-ons, and Firefox reiterated via an announcement today that it will continue to support it in the foreseeable future. Specifically, the internet company said it would continue to support both the 'blockingWebRequest' and 'declarativeNetRequest' APIs, corresponding to MV3 and MV2, respectively, allowing extensions like uBlock Origin to continue working as usual. "While some browsers are phasing out Manifest V2 entirely, Firefox is keeping it alongside Manifest V3," said Mozilla. Despite the intentions, Manifest V3 places restrictions on certain types of add-ons, like ad-blockers, that can render them less effective. Bill Toulas Bill Toulas is a tech writer and infosec news reporter with over a decade of experience working on various online publications, covering open-source, Linux, malware, data breach incidents, and hacks.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Tue, 25 Feb 2025 20:30:19 +0000


Cyber News related to Firefox continues Manifest V2 support as Chrome disables MV2 ad-blockers

Firefox continues Manifest V2 support as Chrome disables MV2 ad-blockers - Firefox has not stated how long this support will continue, but as long as there are powerful add-ons enhancing user privacy and security, Mozilla should continue to have strong reasons to extend support for Manifest V2. The latest announcement ...
3 months ago Bleepingcomputer.com
Google Chrome disables uBlock Origin for some in Manifest v3 rollout - Google continues its rollout of gradually disabling uBlock Origin and other Manifest V2-based extensions in the Chrome web browser as part of its efforts to push users to Manifest V3-based extensions. For those who need more time, Google will let the ...
3 months ago Bleepingcomputer.com
Google Chrome change that weakens ad blockers begins June 3rd - Google is continuing with its plan to phase out Manifest V2 extensions in Chrome starting in early June 2024, weakening the abilities of ad blockers. Google says this decision was made based on the community's progress and feedback, which were deemed ...
1 year ago Bleepingcomputer.com
CVE-2007-2850 - The Session Reliability Service (XTE) in Citrix MetaFrame Presentation Server 3.0, Presentation Server 4.0, and Access Essentials 1.0 and 1.5, allows remote attackers to bypass network security policies and connect to arbitrary TCP ports via a ...
7 years ago
Google Online Security Blog: Sustaining Digital Certificate Security - The Chrome Security Team prioritizes the security and privacy of Chrome's users, and we are unwilling to compromise on these values. The Chrome Root Program Policy states that CA certificates included in the Chrome Root Store must provide value to ...
11 months ago Security.googleblog.com
CVE-2024-56170 - A validation integrity issue was discovered in Fort through 1.6.4 before 2.0.0. RPKI manifests are listings of relevant files that clients are supposed to verify. Assuming everything else is correct, the most recent version of a manifest should be ...
5 months ago Tenable.com
Year In Review: Google's Corporate Paternalism in The Browser - It's a big year for the oozing creep of corporate paternalism and ad-tracking technology online. Google and its subsidiary companies have tightened their grips on the throat of internet innovation, all while employing the now familiar tactic of ...
1 year ago Eff.org
Mozilla warns users to update Firefox before certificate expires - Mozilla is warning Firefox users to update their browsers to the latest version to avoid facing disruption and security risks caused by the upcoming expiration of one of the company's root certificates. "On 14 March a root certificate (the ...
3 months ago Bleepingcomputer.com
Internationalizing Efforts to Counter Tech Support Scams - The Central Bureau of Investigation, India's federal enforcement agency, recently conducted a series of criminal raids against illegal call centers across the country in an attempt to clamp down on tech support fraud. These raids were the result of a ...
1 year ago Darkreading.com
Juniper Support Portal Exposed Customer Device Info - Until earlier this week, the support website for networking equipment vendor Juniper Networks was exposing potentially sensitive information tied to customer products, including which devices customers bought, as well as each product's warranty ...
1 year ago Krebsonsecurity.com
Google Patches Another Chrome Zero-Day as Browser Attacks Mount - For the fourth time since August, Google has disclosed a bug in its Chrome browser technology that attackers were actively exploiting in the wild before the company had a fix for it. Integer Overflow Bug The latest zero-day, which Google is tracking ...
1 year ago Darkreading.com CVE-2023-6345 CVE-2023-4863 CVE-2023-5217 CVE-2023-28205 CVE-2023-32409 CVE-2023-28204 CVE-2023-32373
Google Chrome 0-Day Vulnerability Exploited in the Wild - Update Now - The tech giant announced yesterday that Chrome’s Stable channel has been updated to version 136.0.7103.113/.114 for Windows and Mac, and 136.0.7103.113 for Linux to address four security issues, including a high-severity zero-day flaw. Google ...
1 month ago Cybersecuritynews.com CVE-2025-4609
Google Chrome Zero-Day Bug Under Attack, Allows Code Injection - Google has patched a high-severity zero-day bug in its Chrome Web browser that attackers are actively exploiting. The vulnerability, assigned as CVE-2024-0519, is the first Chrome zero-day bug that Google has disclosed in 2024, and the second in the ...
1 year ago Darkreading.com CVE-2024-0519 CVE-2024-0517 CVE-2024-0518 Hunters
Google Search bug shows blank page in Firefox for Android - Users of the Firefox browser for Android have been reporting that they are seeing a blank page when trying to load the main Google Search site. A report of the issue on GitHub confirms that the problem is reproducible on Firefox Mobile 121.0 for ...
1 year ago Bleepingcomputer.com
Content Credentials Show Promise, But Ecosystem Still Young - It's a good start, but an end-to-end workflow requires more: Cameras or smartphones to generate signed images, support for Content Credentials in a wide variety of image-editing software, and the ability to view authenticated metadata on social ...
3 months ago Darkreading.com
CVE-2020-26278 - Weave Net is open source software which creates a virtual network that connects Docker containers across multiple hosts and enables their automatic discovery. Weave Net before version 2.8.0 has a vulnerability in which can allow an attacker to take ...
4 years ago
Check if you're in Google Chrome's third-party cookie phaseout test - Google has started testing the phasing out of third-party cookies on Chrome, affecting about 1% of its users or approximately 30 million people. Learn how to check if you are part of the initial test. Third-party cookies, which track users' browsing ...
1 year ago Bleepingcomputer.com
Linux version of Qilin ransomware focuses on VMware ESXi - A sample of the Qilin ransomware gang's VMware ESXi encryptor has been found and it could be one of the most advanced and customizable Linux encryptors seen to date. Due to this adoption, almost all ransomware gangs have created dedicated VMware ESXi ...
1 year ago Bleepingcomputer.com Qilin
Google patches third exploited Chrome zero-day in a week - Google has released a new emergency Chrome security update to address the third zero-day vulnerability exploited in attacks within a week. The company fixed the zero-day flaw with the release of 125.0.6422.60/.61 for Mac/Windows and 125.0.6422.60. ...
1 year ago Bleepingcomputer.com CVE-2024-4947 CVE-2024-0519 CVE-2024-2887 CVE-2024-3159 CVE-2024-4671 CVE-2024-4761
Firefox 137 Released With Fix for Multiple High Severity Vulnerabilities - This critical security update, announced on April 1, 2025, fixes several memory safety bugs and use-after-free vulnerabilities that posed significant risks to users of previous versions. The fixes in Firefox 137 and Thunderbird 137 included hardening ...
2 months ago Cybersecuritynews.com
Okta: Breach Affected All Customer Support Users - When KrebsOnSecurity broke the news on Oct. 20, 2023 that identity and authentication giant Okta had suffered a breach in its customer support department, Okta said the intrusion allowed hackers to steal sensitive data from fewer than one percent of ...
1 year ago Krebsonsecurity.com
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
1 year ago Esecurityplanet.com
Latest Adblock update causes massive YouTube performance hit - Adblock and Adblock Plus users report performance issues on YouTube, initially blamed on Google but later determined to be an issue in the popular ad-blocking extension. Adblock and Adblock Plus are two ad blockers created by the same developer for ...
1 year ago Bleepingcomputer.com
Google Chrome to let Isolated Web App access sensitive USB devices - Google is working on a new Unrestricted WebUSB feature, which allows trusted isolated web apps to bypass security restrictions in the WebUSB API. WebUSB is a JavaScript API that allows web applications to access local USB devices on a computer. As ...
11 months ago Bleepingcomputer.com
Malicious Chrome extensions can spoof password managers in new attack - In SquareX's demonstration, the attackers impersonate the 1Password password manager extension by first disabling the legitimate one using the 'chrome.management' API, or if the permissions aren't available, user interface manipulation tactics to ...
3 months ago Bleepingcomputer.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)