Firefox 43.0.4 download2/11/2023 You will need to do this manually, using an unaffected copy of Firefox or a different browser, since we only provide Firefox updates over HTTPS. The easiest thing to do is to install the newest version of Firefox. Click “Advanced”, and if you see the error code “SEC_ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED”, then you’re affected. If you’re reading this in another browser, see if you can load the security blog (or any other HTTPS link) in Firefox. If you can access this article in Firefox, you’re fine. Since Firefox rejects new SHA-1 certificates, it can’t connect to the server. When a user tries to connect to an HTTPS site, the man-in-the-middle device sends Firefox a new SHA-1 certificate instead of the server’s real certificate. However, for Firefox users who are behind certain “ man-in-the-middle” devices (including some security scanners and antivirus products), this change removed their ability to access HTTPS web sites. For Firefox users with unfiltered access to the Internet, this change probably went unnoticed, since there simply aren’t that many new SHA-1 certs being used. According to the plan we published earlier for deprecating SHA-1, on January 1, 2016, Firefox 43 began rejecting new certificates signed with the SHA-1 digest algorithm.
0 Comments
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |