Mozilla Warns Users To Update Firefox Before Certificate Expires (bleepingcomputer.com)
- Reference: 0176705903
- News link: https://news.slashdot.org/story/25/03/13/2052239/mozilla-warns-users-to-update-firefox-before-certificate-expires
- Source link: https://www.bleepingcomputer.com/news/software/mozilla-warns-users-to-update-firefox-before-certificate-expires/
> A Mozilla [4]support document explains that failing to update Firefox could expose users to significant security risks and practical issues, which, according to Mozilla, include:
>
> - Malicious add-ons can compromise user data or privacy by bypassing security protections.
> - Untrusted certificates may allow users to visit fraudulent or insecure websites without warning.
> - Compromised password alerts may stop working, leaving users unaware of potential account breaches.
>
> It is noted that the problem impacts Firefox on all platforms, including Windows, Android, Linux, and macOS, except for iOS, where there's an independent root certificate management system. Mozilla says that users relying on older versions of Firefox may continue using their browsers after the expiration of the certificate if they accept the security risks, but the software's performance and functionality may be severely impacted.
[1] https://www.bleepingcomputer.com/news/software/mozilla-warns-users-to-update-firefox-before-certificate-expires/
[2] https://en.wikipedia.org/wiki/Root_certificate
[3] https://blog.mozilla.org/addons/2025/03/10/root-certificate-will-expire-on-14-march-users-need-to-update-firefox-to-prevent-add-on-breakage/
[4] http://support.mozilla.org/en-US/kb/root-certificate-expiration
My Firefox Has AI So It Updates (Score:1)
Itself Automatically.
Re: (Score:2)
Sorry Dave, but you can't see your favorite porn-star's pod bay doors again without giving me your credit card number..."
Re: (Score:2)
Dave's not here, man.
It's all good. (Score:2)
Given the size of Firefox user base, if it all blows up, it will affect 2-3 users at best.
STOP embedding certificates that cant be updated (Score:2)
its 2025 use DNSSEC and DANE
https://en.wikipedia.org/wiki/DNS-based_Authentication_of_Named_Entities
Before March 14, 2025 (Score:1)
And you waited until NOW to mention this?
And another thing:
> Firefox users ... will not be able to use their add-ons
> Malicious add-ons can compromise user data
Which is it? Will add-ons be disabled across the board, or will add-ons run indiscriminately, unchecked by revocation lists?
notice? (Score:3)
thanks for giving us.... one day's notice?
Posting this from Ver 85.0 (Score:2)
I have later versions as Snaps or Flatpaks or whatever, and I use them when I must. But the UIs are such utter crap that I find them totally unusable as daily drivers. I've tried the CSS and about:config changes to clean them up, but there are still too many areas where the UI just sucks ass. I've been looking at other FF derivatives, but so far they're all problematic. I'm not sure what I'm going to end up using
Is it too much to ask to have a little bit of colour, always-present dividers between tabs, and
As the advisory says, go to FF115ESR (Score:3)
If you like old browsers, and I know some of you do, go to FireFox ESR115 as per the advisory. Run on Win7, Old MacOS too, and it gets security patches ~4 weeks. No new UI, no new features, just security patches...
Problem is, at this stage, support for it is a the whim of mozilla.
I am writing this from FireFox ESR128, so I am on that train too.
Re: (Score:1)
Does the Pale Moon browser have the same oddity?
Re: (Score:2)
Palemoon release notes v33.6.0 (2025-02-07) mention an update of the root certificate [1]https://www.palemoon.org/relea... [palemoon.org]
[1] https://www.palemoon.org/releasenotes.shtml#v33.6.0