Something is Trying to Trick Firefox into Accepting an Insecure Update

Whuh-oh! This sounds like a potentially nasty exploit that we should all be on the lookout for …

For the last two days I have been receiving popup messages when running Firefox. They stated that “Update Failed. Something is trying to trick Firefox into accepting an insecure update. Please contact your network provider and seek help”. Since I have not changed a thing in that time that would affect Firefox’s update mechanism I first thought that it was a issue with the Firefox updating process itself.

Still, I decided to do some research and found out that I’m not the only user affected by the Update Failed message. I received the error message running Firefox Aurora, others running the latest stable version of the browser.

update failed

First thing I noticed was that the Firefox Aurora version that I was running was not automatically updated anymore. The version was a few days old and checking manually for updates returned the message that the browser was up to date (turned out later it was not).

When you look at the Firefox Help forum you get a lot of recommendations. This ranges from malware to plugins or extensions that affect the updating mechanism to files that previous updates left behind in the Firefox installation folder.

Solutions

If you have files in the defaults\pref folder in the Firefox installation folder (C:\Program Files\Mozilla Firefox\defaults\pref) folder other than the file channel-prefs.js then the updater didn’t remove those files or wasn’t able to do that because other software (possibly visualization software) had prevented that. That causes Firefox to override correct prefs with older prefs from firefox.all. [source]

Enter about:config in the Firefox address bar and filter for the term app.update.url there. Make sure the url begins with https://aus3.mozilla.org/.

Another possible cause that was mentioned quite often were third party extensions and plugins. Google Update was mentioned for instance several times in various Mozilla forum threads. I’m personally not really sure why the plugin gets installed into Firefox in the first place. I did notice that a Pando Media Booster plugin was installed on my system which I have not heard about before. I suspect that it was installed with the Might and Magic: Heroes VI game that I installed recently as it is commonly installed with games, especially MMOs.

Uninstalling the software from my system did not resolve the updating issue. It is not conclusive if the plugin had something to do with it though.

My solution was the following: I went to the Mozilla Firefox download page and re-downloaded the latest version of the web browser from there. I then installed it which did update my version of the browser to the latest version. It is to early to say if it fixed the issue completely, but I have not received the message ever since.


© Martin Brinkmann for gHacks Technology News | Latest Tech News, Software And Tutorials, 2011. | Permalink |
Add to del.icio.us, digg, facebook, reddit, twitter
Post tags: , , , ,

Link to Original Content

Tags: , , , ,

Comments are closed.