browser security

Mozilla’s support path for users running pre–Windows 10 desktops has reached a clear milestone: Firefox 115 ESR will be the last maintained Firefox build for Windows 7, Windows 8 and Windows 8.1, and Mozilla’s support documentation now states that security updates for those legacy installations...

Mozilla will stop delivering security updates for Firefox on Windows 7, Windows 8, and Windows 8.1 as the maintenance window for the Firefox 115 Extended Support Release (ESR) closes at the end of February / early March 2026, leaving those legacy Windows installs without any mainstream, actively...

Google’s disclosure of CVE-2026-1861 — a heap buffer overflow in libvpx — is small, but it matters: the bug was fixed in Chrome’s Stable channel (build 144.0.7559.132) and appears in multiple vendor tracking feeds, and Microsoft has listed the CVE in its Security Update Guide to document the...

Mozilla is giving users an unmistakable way to tell the AI revolution to stay out of their browser: starting with Firefox 148, rolling out February 24, 2026, the desktop browser will include a dedicated AI Controls panel with a single “Block AI enhancements” master toggle that disables current...

Mozilla has given users a one-click way to tell the AI revolution to stay out of their browser: starting with Firefox 148, rolling out February 24, the desktop browser adds an AI Controls panel with a single “Block AI enhancements” master switch that disables current and future generative AI...

Microsoft Edge’s latest Stable update finally hands users a simple, supported way to remove the Copilot toolbar icon — but that small win sits inside a much larger, messy landscape of WebGL backend changes, new enterprise controls, and ongoing questions about how Microsoft is reshaping Edge...

Mozilla’s announcement that “Firefox will continue to support Windows 10 for the foreseeable future” changes the security calculus for millions of PCs — but it does not erase the risks introduced by Microsoft’s end of free OS servicing, and treating this as anything other than a stopgap would be...

The coming year will not be quiet for end‑user IT: agentic AI, baked‑in browser intelligence, and new classes of endpoint controls will reshape how knowledge workers interact with applications, how IT governs data, and where security investments land. Background The desktop as a passive...

Microsoft has quietly turned up the pressure on Windows users who try to install a competing browser: when you open Google Chrome’s download page in Microsoft Edge, some Windows installations now display a native banner that reframes the decision as an online-safety choice rather than a simple...

Microsoft’s new Edge banner that appears when users visit Google’s Chrome download page is the latest, highly visible escalation in a long-running tug-of-war over browser choice on Windows — and it crystallizes a wider strategic problem: Microsoft is trying to win users back with safety...

Puffin’s claim — that web pages can be rendered in the cloud and delivered to your PC faster, safer, and with far less bandwidth — is the central promise behind Puffin Browser for desktop. The pitch is simple: move the heavy lifting off the local machine, use remote Blink engines to process...

Microsoft is rolling out a hardline browser security change for Microsoft Entra ID sign-ins that will block most externally injected scripts on pages that start with login.microsoftonline.com, enforcing a Content Security Policy (CSP) designed to stop script-injection and cross-site scripting...

Microsoft’s security database lists a reportable entry for a Microsoft Edge (Chromium‑based) remote code execution concern under the label CVE‑2025‑60711, but authoritative public technical details for that specific identifier are currently scarce or not published in vendor pages accessible...

Chyron’s Toolbox 4 represents a pragmatic, production‑focused refresh aimed at closing the gap between everyday PC/web content and live broadcast workflows by adding SDI/NDI capture, Windows 11 compatibility, full HD output, and a more flexible content‑grabber toolset that producers can...

Microsoft Edge’s new Copilot integration has been flagged by independent testers for a troubling privacy gap: the assistant can reportedly read content from non-focused browser tabs — including visible text and, in one user’s test, values entered into form fields such as login credentials — even...

Short answer Microsoft documents CVE-2025-10891 in its Security Update Guide because the vulnerability is in Chromium (the open‑source engine) that Microsoft Edge (Chromium‑based) consumes — the entry tells customers “this issue existed in Chromium and has been addressed in the Edge builds that...

As organizations pick up pace after the summer, cybersecurity teams face a compacted calendar of risk: Microsoft’s Windows 10 end-of-life, new behavior in Windows 11 and OneDrive, increasingly sophisticated browser threats, an emerging privacy storm around activity-capture features, and...

Google’s September stable update for Chrome closed a notable Use‑After‑Free (UAF) in the Dawn WebGPU implementation — tracked as CVE‑2025‑10500 — alongside several other high‑severity graphics and engine fixes; Windows users and administrators running Microsoft Edge (Chromium‑based) should treat...

Google pushed an emergency Chrome update to address CVE-2025-10585, a type confusion vulnerability in the V8 JavaScript engine that Google says is being actively exploited in the wild — and because Microsoft Edge is Chromium-based, Windows users and enterprises must confirm their Edge builds...

Google released an emergency Chrome stable update that fixes a use‑after‑free (UAF) vulnerability in the WebRTC component tracked as CVE‑2025‑10501, and Microsoft Edge (Chromium‑based) customers should treat the issue as relevant until Microsoft ships the Chromium ingestion for Edge. Background...