Mozilla releases major security fix for Firefox

null

Mozilla's latest patch for Firefox allows web extensions, themes, search engines and language packs to all be enabled again, the company confirmed over the weekend.

In a short announcement, it said it wanted to get these bugs fixed before the start of the week. Initially, the problem was with the certificate chain, which was now repaired.

"A Firefox release has been pushed - version 66.0.4 on Desktop and Android, and version 60.6.2 for ESR. This release repairs the certificate chain to re-enable web extensions, themes, search engines, and language packs that had been disabled," Kev Needham, a member of the Firefox Add-ons team, said today.

"There are remaining issues that we are actively working to resolve, but we wanted to get this fix out before Monday to lessen the impact of disabled add-ons before the start of the week," Needham added.

The add-on fallout which happened late last week were dubbed “Mozilla’s biggest epic fail” – ever.

The certificate that Mozilla uses to confirm that the add-ons people have installed on their devices are the same as those on the Mozilla store expired. When that happened, the browser could not confirm the authenticity of any add-on and thus – all were disabled.

There was no way to bypass the problem until Mozilla solved it, which means all Firefox users were almost left without their add-ons for the weekend. A few hours after the flaw was confirmed, Mozilla issued a temporary patch, just so that the ship holds water until it docks.

Image Credit: Mozilla