Firefox 95 Launches RLBox to Protect Against Bugs and Vulnerabilities

Mozilla has released a new version of its browser, Firefox 95, featuring an innovative security function called RLBox. The main goal of RLBox is to minimize the potential harm caused by bugs and vulnerabilities that may exist in the browser’s code.

According to Mozilla, RLBox was developed in collaboration with experts from the University of California, San Diego, and the University of Texas at Austin. A trial version of this feature was introduced last year.

What Is RLBox and How Does It Work?

Essentially, RLBox acts as a sandboxing technology that can effectively isolate code. This is beneficial because any potential vulnerabilities hidden within that code are prevented from affecting the user’s entire system.

A similar principle is already used for web content and websites: their processes are sent to an isolated environment, so malicious web resources can no longer compromise the entire browser.

How RLBox Differs from Traditional Sandboxes

RLBox stands out from traditional sandboxing solutions because it does not negatively impact performance or consume excessive amounts of RAM. With RLBox, critical browser subcomponents—such as spell checking—can be sandboxed efficiently.

Which Firefox Modules Are Isolated?

As of now, Firefox isolates five modules using RLBox:

• Graphite font rendering engine
• Hunspell spell checker component
• Ogg multimedia container
• Expat XML parser
• Woff2 font compression format

According to the developers, “Even zero-day vulnerabilities discovered in these components will pose no threat to Firefox.”