Urgent Fire Fox Update Notice
I keep getting a screen popping up that says "Urgent Firefox Update". My protection software is blocking it, saying it's a Trojan. When I go to Mozilla, it says my Firefox is up to date. Is there an Urget Update or not?
Chosen solution
Hi
We are aware of this issue are are working to resolve it. From what you are saying this is almost certainly malware.
Firefox will always update from within the browser and not from a random web page. If you ever unsure of whether you are using the most recent version, this page will walk you through how to check.
Comment added by a forum moderator Please also see our help article
If you do see one of these fake updates please as a reply to this thread post the web address of the fake orange page and if possible the address of the genuine website it appears to have come from - the back arrow on the address bar of the orange page may sometimes help find that.
Read this answer in context 👍 236All Replies (20)
They seem to be popping up in several locations. Here is one from 15 minutes ago:
I installed the "Ublock" app for firefox & have not had a problem since, this was a month or more ago. Not sure how it works, but it works. :-)
another FF spoof:
page I was on when it happens: http://www.twincitiesgasprices.com/index.aspx?mss=263700
Some observations:
I notice the cookie expires shortly or simultaneously with the redirect.
There are only 2 entries in the cookie each time; 'land' and 'k'.
Also, I refreshed the one from yesterday, to see if it would still render the image. Earlier (and previously) it goes to a blank white page, but this last time, I got a Firefox blocked website notice, stating the certificate had an issue: It said the certificate was only authorized for use with the following websites; and had about a dozen listed, all with either 'bing' or 'microsoft' in the URL, mostly. (one was something else, but not the spoof domain).
Mr KL
Why can't you prevent this? Seems like anyone who invents a browser like firefox can prevent it from being hacked like this. I see it's been going on for a long time and many people get it.
Bummed in Seattle.
@bobbiker
Several years ago someone on SlashDot asked the same question of Microsoft. I'm not particularly fond of Microsoft but the person was threatening to expose the gigantic hole they had found in windows. I felt then (and now) like I should respond. Having been in the computer field since 1972. (Long before Microsoft or Mozilla.)
You can't think of a large organization like Mozilla (or even Firefox) like a Ferrari. You have to think of them as a train. A Ferrari is fast. It takes corners at 120mph, burns rubber, looks great, and sometimes has a fantastic looking person driving it. A train on the other hand is slow to pick up speed, very slow to stop, doesn't take corners very well, and usually has some guy with stubble on his chin, wearing dumpy kinds of clothes, and generally would appear on some poster for the poor and homeless. In other words - it takes time and it isn't glamorous to try to figure out the corrections needed in order to fix a problem they never created. They were trying to create the best browser they could, make it be able to handle over a hundred different languages' needs, 300 graphical file formats, hundreds of audio file formats, and not to mention the hundreds of software interfaces to such things as Java, Javascript, VBScript, Perl, Pascal, C/C++, FORTRAN, COBOL, and hundreds of other computer languages. This means they can't stop on a dime and change directions. Everyone has to be notified, everyone talks about what to do, the best solution is poked and prodded to make sure it is the best solution, everyone's input is taken in to account, and eventually, a patch is issued. The worse the problem is - the longer it takes to make a decision so they don't break anything. So whereas a Ferrari would take a month to do anything - a train may take six months to a year to be able to do anything.
What you are saying is - Why don't they act like a Ferrari? But a Ferrari acts on its own or maybe has one or two passengers that go along with the driver. A train carries many passenger cars. Each of these passengers is one of the people who are working to make things right. But each one has to be gotten to, talked with, and their input taken. And this is the biggest problem. Because these passengers are really scattered all over the world with different time zones, needs, work schedules, etc.... It is why FireFox is free. All of these people (or maybe most of them) are donating their time so the rest of us can enjoy a wonderful browser.
So be patient. Let the train come to a stop, switch tracks, and start down the new track. When it reaches its destination we will all be given the update to take care of this. But right now, the train is slowing down and everyone on board is talking about what to do about the problem and which track to take to fix the problem. So we will get there but you have to be patient a while longer.
And no - I'm not trying to talk down to you. Just trying to put into perspective the difference between a small company and a large corporation. FireFox used to be small - now it is multi-national and has developers in all parts of the globe. So it has gone from being a Ferrari to being a train. A very nice, sleek, modern train - but a train nonetheless and trains, by their very nature, have a hard time changing course.
I am sure everyone thanks you for your patience. :-) And no - I do not work for Microsoft or FireFox. Actually, I'm out of work presently and just limping along month to month. :-) Pretty soon I'm going to be going "Gollum! Gollum! My Precious!" (and eating raw fish I find in the ditch!) :-)
Modified
bobbiker said
Why can't you prevent this? Seems like anyone who invents a browser like firefox can prevent it from being hacked like this. I see it's been going on for a long time and many people get it. https://akotajamestimothywhite.org/9811657533539/14e94770cbe43d93ba29601764895f80/3f244f7747e2621f1afa0b63a4ff1898.html Bummed in Seattle.
Why do we need police, army, airforce, navy etc.. ?
As long as there are humans on this planet, there will be thugs, unfortunately.
Trying to stay one step ahead of them: not that easy ......
jscher2000 said
Hi sgross37, when you went back, what was the site from which this page loaded?
I have had this occur a few times and I know the last one was from Pandora. I believe the previous few times before this was from Pandora as well. I left it for some time, came back and the page was up with a download update pop-up ready for me to download.
The page that was on the screen was this: https://faewientresting.org/6091225517648/9d8a78b7bdf358f72f3e6e76ab016cc0/a897bf29d2c9eab9376010efdf26ebc4.html
I keep getting these popups as well. Just got another one while in my yahoo mail. https://aixeypoweredbysearch.net/517414680419/524bf9d125dcd4eb69f78dc45f5a2e13/6e39aa12dda583c92dfdee96fc0c0c26.html
I don't know if this will help but wanted to send it anyway.
Modified
After a few months of these fake firefox updates, I finally got a fake update while using chrome. I guess it's something on my pc so I think I'll reformat and start over. Such a pain and really sad these people can vandalize personal property with no consequences.
Hi scgal, why do you think it's something on your PC? The malware distribution strategy is the same for both Firefox users and Chrome users.
scgal said
After a few months of these fake firefox updates, I finally got a fake update while using chrome. I guess it's something on my pc so I think I'll reformat and start over. Such a pain and really sad these people can vandalize personal property with no consequences.
This has not been determined to be due to malware on Windows.
Also yes the Chrome users on Windows have been getting hit with a fake urgent Chrome update Ad also often on the same disposable sites used for the fake urgent Firefox update Ad. One of many example threads that is ongoing. https://productforums.google.com/forum/#!topic/chrome/HcXgFFaO9WU
Modified
Here is one of those sites for the urgent Firefox patch update
I was on kohls.com, and I also was ambushed by the Evil Orange Fake Download Screen. It looked the same as the screenshots that other people have posted, and it opened a "What would you like to do with this file?" dialogue box, in which I promptly clicked "Cancel". The URL they were using this time was: https://nohkoterawarner.org/3281146277181/1479766387481496/firefox-patch.js
ElvenJediOfGallifrey Thanks for the posting
What version of Firefox are you using. Those links tend not to work for other users but the site itself is already getting blocked on my Firefox as a deceptive site
You should see something like this http://itisatrap.org/firefox/its-a-trap.html (If you have the feature turned off I guess the test site won't work to trigger a warning page either)
Have you turned off Firefox's security features
Yes I just got one. From ieshatipbet.org . I have Norton so I downloaded it and sent it to the trash bin. If you want it contact me and I will send it to you. Thanks Alan
and https://ieshatipbet.org/6892885746935/1480178115807189/firefox-patch.js and http://ieshatiphat.org/68928857469351/938bc4c21df4831bde95e5db8... I get these when I rt click the addr. Does this help???
on pocket I get more of the addr. after the 5db8 I get e9/69a8b9efe18bd6460596df91bc0
Orange screen from https://zayiwplacetel.org/1791181344296/1ba39346d89ed18911721d21a439668b/a8e08cf883b1fab16ba3e476f91c211c.html
Redirect from http://finance.yahoo.com/
File not downloaded.
Once again, while simply scrolling through the http://finance.yahoo.com/ finance tab page: