Firefox 142 has been released, bringing with it a host of new features, privacy enhancements, and security fixes. The update focuses on replacing discontinued services, improving user privacy through local AI implementation, and addressing several security vulnerabilities.
A key change in Firefox 142 is the replacement of the Pocket service, which was discontinued in July, with a curated news overview on the New Tab page. This news overview is organized by topic, allowing users to customize the content they see by selecting or deselecting specific topics. According to Mozilla, the rollout of this feature may take a few days to complete for all users.
The new version also introduces a link preview feature. Accessible via the right-click context menu, this feature provides users with a preview of the destination page before they click on a link. Additionally, users have the option to utilize a local AI to generate a summary of the destination page, offering a quick overview of the content.
Extended profile management, initially introduced in Firefox 138, receives further enhancements in this update. Users now have access to 28 icon options, up from the previous six, and can also use custom icons for their profiles. Furthermore, add-ons can now place their icons in the sidebar, a feature that has been available since Firefox 136. Users who prefer not to see these icons can disable them with a right-click.
Recognizing that strict tracking protection can sometimes cause compatibility issues with websites, Firefox 142 allows users to create an exceptions list. This feature enables users to selectively disable tracking protection for specific websites where certain functions are deemed essential.
Mozilla emphasizes its commitment to user privacy by implementing all AI features locally, ensuring that user data is not transmitted to cloud or web services. This approach aligns with Mozilla’s stance against user surveillance for advertising purposes. Even certificate revocation checks are performed without disclosing user activity, utilizing CRLite, a mechanism in use since Firefox 137. Firefox 142 disables the older OCSP mechanism for domain certificates, replacing it with CRLite, which is considered more data-efficient, discreet, faster, and more efficient.
Security is also a major focus of Firefox 142. Mozilla Security Advisory 2025-64 lists at least nine eliminated vulnerabilities. Two externally reported vulnerabilities are categorized as high risk: CVE-2025-9179, which involves malicious code breaking out of the browser sandbox via an invalid pointer in an audio/video component for DRM-protected content, and CVE-2025-9180, a flaw in the Canvas2D graphics component that can be exploited to bypass the same-origin policy.
Additionally, three internally discovered vulnerabilities are also classified as high risk: CVE-2025-9184, CVE-2025-9185, and CVE-2025-9187. The remaining vulnerabilities addressed in Firefox 142 are categorized as medium or low risk.
Mozilla plans to release Firefox 143 on September 16th, 2025.
