Solarquest

Level 32
Verified
Staff member
Malware Hunter
Mozilla Halts Firefox 65 Rollout Due to Insecure Certificate Errors

Mozilla has halted the automatic updates to Firefox 65 as users are unable to browse web sites due to certificate errors. These errors are being caused by conflicts between various antivirus program's HTTPS scanning and Firefox 65.

Firefox 65 was released this week and with it came numerous reports from users that when they visited safe web sites, they were shown an error by Firefox 65 that states Your Connection is not secure and that there is an issue with the HTTP Strict Transport Security (HSTS) of the site.
....
...
According to a Mozilla bug report, these errors are being caused by the web protection modules in antivirus software such as Avast, AVG, and Kaspersky. In order for an antivirus software to scan an encrypted SSL connection for malicious content it needs to add its own certificate to Mozilla's certificate store in order to perform a MiTM (Man-in-the-Middle) attack.

Due to this wide spread conflict, Mozilla QA Lead Ryan VanderMeulen has stated that Mozilla has halted the automatic update to Firefox 65 in Windows to avoid making the problem worse.
....
....
 

Raiden

Level 13
Verified
Content Creator
Looks like they have rolled it out again after Avast and AVG disabled HTTPS scanning for Firefox.

Mozilla Resumes Firefox 65 Rollout After AVs Disable HTTPS Scanning

I guess the engineer's from Google and Mozilla that were complaining about AVs messing things up a while back were telling the truth. Personally, if HTTPS is suppose to be encrypted and secure with nothing in between, it should remain that way. I don't care if the AV companies are good people, HTTPS was designed in a way to be secure and if you have to break the security to "scan something" well then I guess it kinda defeats the purpose IMO.
 
Last edited:

LDogg

Level 29
Verified
Hopefully FF doesn't start to block fundamental aspects critical to Adblockers. I know why Chrome is doing it because adblockers go against their business model.

~LDogg
 
  • Like
Reactions: Raiden and bribon77

Cortex

Level 10
I had a similar problem this week though using Norton & solved it by reinstalling certificates on AdGuard Desk - As I remember I've had this issue before so not sure it's the same problem as above?
 
Last edited: