Jump to content

Mozilla Resumes Firefox 65 Rollout After AVs Disable HTTPS Scanning


itman
 Share

Recommended Posts

This apply to Eset also?

Quote

Last week Mozilla halted the rollout of Firefox 65 for Windows after users started reporting insecure certificate errors due to antivirus software conflicts. Now that antivirus programs have disabled HTTPS scanning for Firefox, Mozilla has enabled the automatic update of Firefox 65 again.

When Firefox 65 was released, users started complaining that they were unable to browse the web because Firefox kept displaying insecure certificate errors for legitimate sites such as Google, Facebook, Twitter, etc. According to a Mozilla bug report, this problem was being caused by antivirus programs that performed SSL or HTTPS scanning.

https://www.bleepingcomputer.com/news/software/mozilla-resumes-firefox-65-rollout-after-avs-disable-https-scanning/

Edited by itman
Link to comment
Share on other sites

  • Most Valued Members

I guess it's other vendors products thats affected, as i use firefox 65 with the sites listed above and many many more and dont and have not encountered any issues whatsoever.

 

Link to comment
Share on other sites

Well, I didn't read the entire bleepingcomputer.com article as I should have. The real issue is HSTS which I believe has surfaced in Eset's BP&P.

There is however a workaround for the issue it appears if the issue does manifest for Firefox users :

Quote

Options 2: Allows Firefox to use certificates from Windows certificate store

By default, Firefox 65 will use only use the certificates in their built in browser certificate store. It is possible, though, to enable the ability to also use the antivirus engine's certificate that are created in the Windows certificate store to validate other web sites certificates.

To enable Firefox to use the certificates installed as a Windows Trusted Certificate Authority, you can enable to the security.enterprise_roots.enabled option. To do this, please follow these steps:

  1. Type about:config in the Firefox address bar and then press enter. When Firefox asks, click on the button stating that you accept the risks.
  2. In the search field enter security.enterprise_roots.enabled and press enter.
  3. Double-click on security.enterprise_roots.enabled so that it toggles to true as shown below.
  4. You can now close the about:config page.

https://www.bleepingcomputer.com/news/software/mozilla-halts-firefox-65-rollout-due-to-insecure-certificate-errors/

Edited by itman
Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...