With the recent Firefox 136 update, Mozilla’s web browser has introduced a variety of improvements and new features. One of the most notable additions is the vertical tabs, which are now available in a new sidebar.
This feature provides a better overview when users have numerous tabs open. Additionally, the update enhances security by addressing fixed vulnerabilities that affect not only Firefox ESR but also Tor Browser.
Mozilla has summarized three major entries concerning internally discovered vulnerabilities, all of which carry high risk ratings. The potential exploitation of these vulnerabilities could lead to a “potentially exploitable crash” and may allow for arbitrary code injection and execution.
However, Mozilla has not disclosed the exact number of vulnerabilities that have been addressed in this update. Looking ahead, Mozilla plans to release Firefox 137 on April 1, 2025.
In the new sidebar introduced in Firefox 136, users can store and monitor their bookmarks and browsing history. It also provides direct access to an AI chatbot and tabs from other synchronized devices.
Moreover, browser extensions can similarly be incorporated into the sidebar, pending developer support. Users can choose to position the sidebar either on the left or right side of the browser.
The vertical tabs feature is also integrated into the sidebar. When activated, the tabs shift from their traditional position at the top of the browser to the sidebar, displaying them stacked vertically.
This arrangement allows users to view more tabs simultaneously, making it clearer when many tabs are open. To enable the new sidebar, users should navigate to Settings > General and scroll to the “Browser Layout” section.
There, a checkbox labeled **Show sidebar** can be selected to display the sidebar on the left side of the browser window. Clicking the cogwheel icon at the bottom of the sidebar allows for further customization, including switching on vertical tabs and repositioning the sidebar.
Firefox 136 has also adopted HTTPS-First as the default setting. This means that the browser will always attempt to open webpages using HTTPS first; if that fails, it will revert to unencrypted HTTP.
In late February, Mozilla updated Firefox’s Terms of Use related to the handling of collected data, which sparked controversy and frustration among some users on platforms like Reddit. However, these concerns have been somewhat exaggerated.
Essentially, there have been no significant changes; Mozilla has simply opted for clearer wording due to evolving legal regulations across various US states. Mozilla has also updated its long-term support versions, Firefox ESR 128 and ESR 115, with important security fixes.
Firefox ESR 128.8.0 has addressed at least ten vulnerabilities, while Firefox ESR 115.21.0 has fixed at least five. An updated version of the Tor Browser, 14.0.7, based on Firefox ESR 128.8.0, is now available.
Additionally, users operating Windows 7 or 8.1, or macOS 10.13 or 10.14 can upgrade Tor Browser 13.5 to version 13.5.13. Mozilla will evaluate the support for these browsers in August, while the future maintenance of Tor Browser 13.5.x, based on Firefox ESR 115, remains uncertain.