Mozilla warns users to update Firefox before certificate expires
Mozilla warns users to update Firefox before certificate expires
www.bleepingcomputer.com
Just a moment...
Mozilla is warning Firefox users to update their browsers to the latest version to avoid facing disruption and security risks caused by the upcoming expiration of one of the company's root certificates. [...] Users need to update their browsers to Firefox 128 (released in July 2024) or later and ESR 115.13 or later for 'Extended Support Release' (ESR) users.
Have they fixed the problem properly yet, or is there a future expiration date coming for the new version as well?
What's do you mean "properly"? Certs are supposed to expire, so that in the case of compromise the use is still limited.
Signing certs should be expected to expire. Already-installed browser extensions signed by them should not, when the user doesn't want them to.
Doing it the right way would prevent, for one thing, any possible repeat of the problem they had a couple years ago when they simply forgot to renew the cert and one day everyone's browsers unexpectedly stopped working with no way to fix them short of making a new build. The debate was had then, you can go back and read what was said. A thorough review was promised. Presumably Mozilla came came to the wrong conclusion and decided it would be best not to publicise it much.
Updated the post with details. While I'm not entirely familiar with the matter, this does seem to affect versions below 128 and 115.13 ESR.