March 4, 2015
Mozilla has released Firefox 36, which includes fixes for 17 security issues. Three of the flaws are considered critical. The newest version of the browser also supports the HTTP/2 protocol. Read what’s new in this version of Firefox here.
The big emphasis in Firefox 36 is in the area of Web security. Starting with Firefox 36, Mozilla is now phasing out a number of 1,024-bit root certificates that are used for Web encryption. The move is part of a planned migration toward more secure encryption certificates that use 2,048-bit or higher encryption keys.
Also as part of Firefox 36, the browser is no longer accepting insecure RC4 encryption ciphers. RC4 at one point was a widely deployed encryption technology, but it has been shown to be theoretically exploitable.