What is the best way to close Firefox during a malware attack ?
How do you recommend to close Firefox on a Windows machine if you believe you are facing a malware attack ? For instance, if you get the orange screen "Urgent Firefox Update" that we have been suffering from, is it better to:
(1) Close Firefox by clicking the red x in the top right of the window, then Yes on do you want to close all tabs. This seemed to have worked for me with the current orange screen attack. Could such clicks could be hijacked to download the malware in some types of attacks ?
(2) Press Control Alt Delete and end Firefox in the Task Manager Although I have Firefox set to delete all history on close, it still restores session after crash by default. It would be nice if it did not restore crashed sessions by default, because usually those are crashing for a reason and will crash again - in this case would expose to malware again. Currently I believe one has to go through a procedure of going into AppData and removing the restore session file.
(3) Go to the Start Menu and hit Shutdown, or Hold the power button and force shutdown. Does this have the risk that the malware would download during the shutdown and not be caught by the internet security software ?
Modified
Chosen solution
I generally close (unwanted) tabs using Ctrl+w. It is possible for scripts in website to intercept keyboard commands, so perhaps it makes more sense to let Windows close the active window. If you hover the Firefox icon on the taskbar, you typically find an "X" on the thumbnail of the current tab. (I'm basing this on Windows 7, so maybe it's changed in Windows 10?) Sometimes a script in the page will then fire and ask you not to leave. You can usually interact with that dialog safely, without needing to "crash" Firefox.
Read this answer in context 👍 0All Replies (9)
The malware being spread by the "Urgent Firefox update" message requires you to actually download and install an exe. So long as you don't download and install that exe you are not vulnerable. If you have downloaded and run that exe, you should follow the steps at Troubleshoot Firefox issues caused by malware
marie15 said
Press Control Alt Delete and end Firefox in the Task Manager
Although I have Firefox set to delete all history on close, it still restores session after crash by default. It would be nice if it did not restore crashed sessions by default, because usually those are crashing for a reason and will crash again - in this case would expose to malware again. Currently I believe one has to go through a procedure of going into AppData and removing the restore session file.
You can change how Firefox does crash recovery at startup. Usually Firefox will try to restore previous session tabs automatically, but you can set Firefox to instead display a list and let you choose, to avoid reloading problem tabs. Here's how:
(1) In a new tab, type or paste about:config in the address bar and press Enter/Return. Click the button promising to be careful.
(2) In the search box above the list, type or paste sess and pause while the list is filtered
(3) Double-click the browser.sessionstore.max_resumed_crashes preference and change the value from 1 to 0 (that's a zero) and click OK
Now when you restart Firefox after a crash, instead of an automatic restore, you should get the "This is embarrassing" screen with a checklist of tabs you can choose to restore or not restore.
Please do not modify other sessionstore preferences through about:config without researching what they do first.
Tyler Downer said
The malware being spread by the "Urgent Firefox update" message requires you to actually download and install an exe. So long as you don't download and install that exe you are not vulnerable. If you have downloaded and run that exe, you should follow the steps at Troubleshoot Firefox issues caused by malware
Hy Tyler, Thanks for your quick response. Sorry not to be more clear, my question was a general one. What is the best way to get out of Firefox if you are being attacked ? I already know NOT to click on the .exe, but I am wondering for the general case of a malware attack, what is the safest thing to do, (1) click on the red x of the Firefox window, end Firefox via the Task Manager, use Start>Shutdown, or shut down the computer with the powerbutton. Is there a general best approach or does it depend ?
jscher2000 said
You can change how Firefox does crash recovery at startup. Usually Firefox will try to restore previous session tabs automatically, but you can set Firefox to instead display a list and let you choose, to avoid reloading problem tabs. Here's how:
Hi jscher2000, Thank you for your quick response. I will try that. Do you also have a recommendation when faced with a malware attack, is it better to close Firefox by clicking on the red x at top right of the window, Press the "Exit Firefox" button in the Dropdown menu, use the Task Manager to end Firefox, or shut down the computer ?
Chosen Solution
I generally close (unwanted) tabs using Ctrl+w. It is possible for scripts in website to intercept keyboard commands, so perhaps it makes more sense to let Windows close the active window. If you hover the Firefox icon on the taskbar, you typically find an "X" on the thumbnail of the current tab. (I'm basing this on Windows 7, so maybe it's changed in Windows 10?) Sometimes a script in the page will then fire and ask you not to leave. You can usually interact with that dialog safely, without needing to "crash" Firefox.
marie15 said
is it better to close Firefox by clicking on the red x at top right of the window, Press the "Exit Firefox" button in the Dropdown menu, use the Task Manager to end Firefox, or shut down the computer ?
The X on title bar only closes that one window and not Firefox if it is not the only window open.
The Exit/Quit depending on OS will close Firefox properly.
Using the task manager to stop Firefox or still having Firefox running when you shut down PC will crash Firefox.
jscher2000 said
I generally close (unwanted) tabs using Ctrl+w. It is possible for scripts in website to intercept keyboard commands, so perhaps it makes more sense to let Windows close the active window. If you hover the Firefox icon on the taskbar, you typically find an "X" on the thumbnail of the current tab. (I'm basing this on Windows 7, so maybe it's changed in Windows 10?) Sometimes a script in the page will then fire and ask you not to leave. You can usually interact with that dialog safely, without needing to "crash" Firefox.
Hi jscher2000, That sounds great, I will try that if it happens again. It does work in Windows 10 as well, I am glad they kept that feature.
James said
marie15 saidis it better to close Firefox by clicking on the red x at top right of the window, Press the "Exit Firefox" button in the Dropdown menu, use the Task Manager to end Firefox, or shut down the computer ?The X on title bar only closes that one window and not Firefox if it is not the only window open.
The Exit/Quit depending on OS will close Firefox properly.
Using the task manager to stop Firefox or still having Firefox running when you shut down PC will crash Firefox.
Hi James, Thanks, that is a good point that the X only closes the one window of Firefox. If it is the window with the malware waiting to download, then hopefully that would at least get you out of the threat situation, and you could then close whatever else there is and do antivirus scans. I don't care whether Firefox crashes or closes properly, I am only interested in what is safest in preventing infection.
In this case you only get infected if you actually download the firefox-patch.exe and run it.