Mozilla releases Firefox 66.0.4 with fix for Disabled add-ons


Mozilla has released the update for Firefox along with the fix for the disabled add-ons. Version 66.0.4 was released for Desktop and Android, and version 60.6.2 for ESR. The new version repairs the issue with an expired signing certificate that disabled add-ons for majority of the users. It had re-enabled web extensions, themes, search engines, and language packs that had been disabled.

Kev Needham, from the Firefox Add-ons team stated that still there are some issues that needs to be resolved and that they are actively working on it. It has to be done by Monday in order to reduce the impact of disabled add-ons before the start of the week.

The latest Firefox update addresses Mozilla’s biggest fail in the organization’s history. On Friday night at 12:00 am UTC, the digital certificate that Mozilla used to sign Firefox add-ons or extensions expired. This certificate was used to verify that extensions installed in the user’s browsers are the same extensions that are hosted on the official Mozilla Add-ons portal.

When the certificate expired, Firefox browsers were not able to verify the authenticity of locally-installed extensions, and immediately disabled all add-ons in users’ browsers.

The users were not able to re-enable extensions or install new extensions as the signing certificate has expired. This has left millions of Mozilla users an easy way to re-enable extensions.

The Tor Browser which is a Firefox-based subsidiary that also depends on Mozilla’s Add-ons site for extensions had an important extension disabled that reduces the security outlook of the privacy-oriented browser.

Various hacks were performed to re-enable extensions both by the users and also by Mozilla who had issued a temporary patch few hours after the certificate expired.

The temporary patch makes use of the Firefox Studies feature, but this patch did not reach all the users as “Firefox Studies” was disabled for users who didn’t agree to send telemetry data back to Mozilla.

It is expected that the new update would fix the disabled add-on issue for all the users.

Priyanka R
Cyber Security Enthusiast, Security Blogger, Technical Editor, Author at Cyber Safe News

    Google to add auto-delete option for search and location history data

    Previous article

    TRON reveals a critical bug that could have crashed the entire blockchain

    Next article

    You may also like

    More in Info


    Leave a reply

    Your email address will not be published. Required fields are marked *