Mozilla has issued an urgent warning to all Firefox users, emphasizing the need to update their browsers before a critical root certificate expires on March 14, 2025.
This certificate is used to verify signed content and add-ons across various Mozilla projects, including Firefox.
Failure to update to version 128 or higher (or ESR version 115.13+ for Extended Support Release users) could lead to significant disruptions in add-on functionality, content signing, and playback of DRM-protected media.
The impending expiration affects a broad user base, including desktop users on Windows, macOS, and Linux, as well as those using Firefox for Android.
If users do not update their browsers in time, they can expect several key issues:
These disruptions not only impact individual users but also systems that rely heavily on content verification for security and operational reasons.
This critical update applies to all Firefox users running versions earlier than 128, including those on older operating systems like Windows 7/8/8.1 and macOS 10.12–10.14, who are advised to switch to the compatible ESR version.
Users who have received an in-app notification within Firefox are directly affected and need to update their browsers immediately.
To avoid these disruptions, Mozilla strongly advises users to update their Firefox browsers before the deadline. Here are the steps to follow:
For Windows, macOS, and Linux Users:
For Android Users:
Mozilla emphasizes that updating Firefox to version 128 or higher (or ESR 115.13+ for ESR users) is crucial to maintaining the functionality of add-ons and ensuring a smooth browsing experience.
With only a short window left before the certificate expires, users are urged to act promptly to avoid any inconvenience.
Are you from SOC/DFIR Teams? – Analyse Malware Incidents & get live Access with ANY.RUN -> Start Now for Free.
A new project has exposed a critical attack vector that exploits protocol vulnerabilities to disrupt…
A threat actor known as #LongNight has reportedly put up for sale remote code execution…
Ivanti disclosed two critical vulnerabilities, identified as CVE-2025-4427 and CVE-2025-4428, affecting Ivanti Endpoint Manager Mobile…
Hackers are increasingly targeting macOS users with malicious clones of Ledger Live, the popular application…
The European Union has escalated its response to Russia’s ongoing campaign of hybrid threats, announcing…
Venice.ai has rapidly emerged as a disruptive force in the AI landscape, positioning itself as…