We already know Google blocks Antivirus and third-party software from injecting code into Chrome browser, Mozilla is working on that now in Nightly with a new launcher Process that blocks a known list of DLLs that cause the problem to Firefox. In Firefox 66 Nightly, the launcher process is enabled by default and about: support shows the information about its status and the preference browser.launcherProcess.enabled for that in about:config.
Mozilla has started work on mitigations for DLL injection two years back, The launcher process which has been created to tackle dll injections has been integrated into the browser process. In a wiki page, it was noted that “To block DLL injections into Firefox, we’re making some changes to how Firefox starts up. The launcher process is part of that and was just enabled by default on Nightly”.
The company is planning for the “Windows launcher process to ride the trains”. Accessibility software also is known to cause issues to Firefox browser, that’s why the company has added an option to settings to prevent accessibility services from accessing Firefox browser, which you’ll find under Permissions of Privacy & Security Settings.
Applications injecting code into the browser is common, but it always has caused stability problems to browsers, which Google has handled and fixed on Windows for their Chrome browser to a certain extent, now Mozilla is working to prevent third-party software especially antivirus from causing issues to their Firefox by injecting DLLs.
UPDATE: Aaron Klotz from Mozilla working on launcher process said in a reddit thread that they’re testing the process and planning to run it as an experiment in version 67. And initial rollout of experiment will not block any new DLLs apart from the ones they’re already blocking in Firefox.
Related articles:
Chrome alerts users to remove incompatible applications
Firefox 57: How to disable Accessibility Services
Firefox 66 adds ‘search tabs’ option to All Tabs Menu
Firefox 66: Mozilla tests Search hand-off feature on New Tab Page
Firefox 66 Nightly: AV1 Video codec enabled by default
I hope that Malwarebytes Anti-Exploit is on the whitelist. While excluding DLLs of unknown quality is reasonable, some antimalware software producers take considerable trouble to ensure that their DLLs do not cause problems, Malwarebytes being one. We need third party security software developers to perform the role of devil’s advocate. Malwarebytes is a company of great probity and should be a trusted partner of browser producers. Unfortunately Google has rebuffed attempts by Malwarebytes to reach out to it.