In the next Nightly, content processes on Windows will be using a USER_RESTRICTED access token level for the sandbox.
This further restricts the SIDs in the process token and removes read access to nearly all resources that are protected by an access control list.
This is controlled by the new default of 8 for the pref:
security.sandbox.content.level
If you find an issue that you suspect is caused by this, please retest after setting the above pref back to 7 and restarting the browser.
If you have certain default prefs that move processing out of the content process
flipped (e.g.
webgl.out-of-process),
then the effective level will be 7 and USER_RESTRICTED will not be used.
Thanks,
Bob