itman 1,659 Posted February 5, 2019 Share Posted February 5, 2019 (edited) This apply to Eset also? Quote Last week Mozilla halted the rollout of Firefox 65 for Windows after users started reporting insecure certificate errors due to antivirus software conflicts. Now that antivirus programs have disabled HTTPS scanning for Firefox, Mozilla has enabled the automatic update of Firefox 65 again. When Firefox 65 was released, users started complaining that they were unable to browse the web because Firefox kept displaying insecure certificate errors for legitimate sites such as Google, Facebook, Twitter, etc. According to a Mozilla bug report, this problem was being caused by antivirus programs that performed SSL or HTTPS scanning. https://www.bleepingcomputer.com/news/software/mozilla-resumes-firefox-65-rollout-after-avs-disable-https-scanning/ Edited February 5, 2019 by itman Link to comment Share on other sites More sharing options...
Most Valued Members cyberhash 188 Posted February 5, 2019 Most Valued Members Share Posted February 5, 2019 I guess it's other vendors products thats affected, as i use firefox 65 with the sites listed above and many many more and dont and have not encountered any issues whatsoever. Link to comment Share on other sites More sharing options...
itman 1,659 Posted February 5, 2019 Author Share Posted February 5, 2019 (edited) Well, I didn't read the entire bleepingcomputer.com article as I should have. The real issue is HSTS which I believe has surfaced in Eset's BP&P. There is however a workaround for the issue it appears if the issue does manifest for Firefox users : Quote Options 2: Allows Firefox to use certificates from Windows certificate store By default, Firefox 65 will use only use the certificates in their built in browser certificate store. It is possible, though, to enable the ability to also use the antivirus engine's certificate that are created in the Windows certificate store to validate other web sites certificates. To enable Firefox to use the certificates installed as a Windows Trusted Certificate Authority, you can enable to the security.enterprise_roots.enabled option. To do this, please follow these steps: Type about:config in the Firefox address bar and then press enter. When Firefox asks, click on the button stating that you accept the risks. In the search field enter security.enterprise_roots.enabled and press enter. Double-click on security.enterprise_roots.enabled so that it toggles to true as shown below. You can now close the about:config page. https://www.bleepingcomputer.com/news/software/mozilla-halts-firefox-65-rollout-due-to-insecure-certificate-errors/ Edited February 5, 2019 by itman Link to comment Share on other sites More sharing options...
Recommended Posts