Users of older Mozilla Firefox versions should update their browsers before March 14. Otherwise, they risk non-working extensions, DRM-protected media playback failures, and other errors due to the expiration of a root security certificate.
Affected Versions and Platforms
These issues affect Firefox versions below 128, released on July 9 last year, and the extended support release (ESR) version 115.13. The expiring certificate is crucial for verifying digitally signed content, protected media files, and extensions. Users on Windows, macOS, Linux, and Android need to update to a newer or the latest version. However, iOS users remain unaffected since Firefox on iOS runs on the WebKit engine. Additionally, the Tor browser, which is based on Firefox, is also impacted, meaning its users should ensure they are on the latest Mozilla browser version.
Security Risks and Mozilla’s Response
The expiring root certificate, issued by Mozilla, protects the browser and its ecosystem. It does not affect competing browsers like Chrome, Edge, or Safari. Beyond functionality issues, an expired certificate poses security risks, potentially allowing users to install malicious extensions or access unsafe websites. Unlike in May 2019, when a similar expiration happened unexpectedly, Mozilla has issued an early warning this time, adds NIXSOLUTIONS.
To improve certificate security, Mozilla will release an updated policy, MRSP v3.0, on March 15. This update aims to enhance the handling of revoked security certificates. Certification authorities will also need to phase out dual-use certificates for TLS and S/MIME, as this approach is no longer considered secure. We’ll keep you updated on further changes and security updates.