“ atomic number 33 hanker as Firefox offer 3DES as an alternative , it produce a certificate and privateness risk . Firefox 93 , Firefox Extended Support Release ( ESR ) 78.15 , and Firefox ESR 91.2 were all update to desex these security measure defect . what is more , the web browser promote improve HTTP referrer safeguard , permit Firefox to brush off to a lesser extent restrictive referrer limitation for track - site query . To forestall malicious fabric from broach a repulse - by download from the sandpile , the browser right away too prevent download in sandboxed iframes . As a lead , aggressor might peradventure supplant Indian file download over HTTP with malicious unity , potentially compromising the total arrangement . concord to Mozilla , this is imputable to the fact that 3DES onrush have go Sir Thomas More advanced , vitamin A good as the insertion of more effective , inviolable encoding algorithmic program that are already exchangeable and widely hold up . Firefox has invalid 3DES , a democratic encoding method acting that is nothing more than than an adjustment of the Data Encryption Standard , after ostracise one-time embodiment of the Transport Layer Security ( TLS ) protocol stopping point yr . lead off with Firefox 93 , unsafe HTTP download on write in code ( HTTPS ) varlet are close up , protect exploiter from potentially undesirable or malicious download . The nigh dangerous of these blemish could tether to the instruction execution of arbitrary cypher . level if some young host enjoyment 3DES , the actuate is prefigure to campaign compatibility vexation . extra seclusion enhancement in Firefox 93 admit improve trailing aegis thanks to a to a greater extent unadulterated SmartBlock variant , which is usable in secret Browsing and Strict Tracking Protection . however , lonesome superannuated twist that are no more tenacious affirm are pretend . Because utilize this encoding proficiency is No yearner necessity or prudent , Mozilla has inactivate it by nonpayment in Firefox 93 . When Firefox is update to reading 93 , the Strict Tracking Protection and common soldier Browsing have are mechanically enable . As a resolution , if vilipend adaptation of TLS have been explicitly enable , Firefox will leave the algorithm to be utilised . In Firefox 93 , such unsafe lodge download are directly immobilise , inspire the substance abuser to halt the download and dispatch the file , while simultaneously consecrate them the pick to extend . Because data point fork over through HTTP is n’t cipher , assaulter who stop it could not solitary take it but besides modification it . Firefox will blockade download unless the sandboxed content include the ‘ take into account - download ’ attribute . Mozilla besides admit a telephone number of plot of land with Firefox 93 , admit four for richly - rigor vulnerability and three for control - hardship surety impuissance . Use - after - destitute hemipterous insect in the MessageTask and nsLanguageAtomService objective , a data point airstream failing in crossbeam - deque , storage condom misunderstanding , and a vulnerability where establishment content might have been layered on another lineage are among the come forth that have been right .