In what can only be a wise move, Mozilla decided to release an ESR version of Firefox, which will be replaced once a year and patched in the meantime. A six-week cycle is perhaps manageable for home users, but it’s downright lunacy for corporate environments. It’s hard enough to test and deploy pure security fixes in 4-6 weeks, let alone test something that introduces entirely new features and deploy it.
I’m not sure that corporations and Mozilla want each other all that much, but they need each other. It’s a cheap way for a corporation to improve its security posture, as long as testing, deploying, and keeping it up to date isn’t a full-time job for someone.
David Farquhar is a computer security professional, entrepreneur, and author. He has written professionally about computers since 1991, so he was writing about retro computers when they were still new. He has been working in IT professionally since 1994 and has specialized in vulnerability management since 2013. He holds Security+ and CISSP certifications. Today he blogs five times a week, mostly about retro computers and retro gaming covering the time period from 1975 to 2000.