We're calling on all EU-based Mozillians with iOS or iPadOS devices to help us monitor Apple’s new browser choice screens. Join the effort to hold Big Tech to account!

Zoeken in Support

Vermijd ondersteuningsscams. We zullen u nooit vragen een telefoonnummer te bellen, er een sms naar te sturen of persoonlijke gegevens te delen. Meld verdachte activiteit met de optie ‘Misbruik melden’.

Meer info

Deze conversatie is gearchiveerd. Stel een nieuwe vraag als u hulp nodig hebt.

Freakattack.com reports that firefox is vulnerable on my PC

more options

Reports suggest that Firefox on Windows 7 would not be vulnerable to the 'Freak Attack' but when I test this on freakattack.com https://freakattack.com/clienttest.html it is reporrted as being vulnerable (same with Chrome and IE 11 as it happens). I am running 36.0.

Reports suggest that Firefox on Windows 7 would not be vulnerable to the 'Freak Attack' but when I test this on freakattack.com https://freakattack.com/clienttest.html it is reporrted as being vulnerable (same with Chrome and IE 11 as it happens). I am running 36.0.
Gekoppelde schermafbeeldingen

Gekozen oplossing

I am running Avast 2015 Free Antivirus + Windows Firewall. I just tested again with Avast Web Shield disabled - I get an all clear, same with my other browsers. Presumably this is because Avast is using its own certificate to do MITM. Not sure if I should be worried about that.

@John99 The link you gave is a different issue. I am looking at CVE-2015-0204

Dit antwoord in context lezen 👍 0

Alle antwoorden (5)

more options

edit should have been link From http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0024 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0204

From http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0029 It would appear this is an Internet Explorer issue af IE6 & IE8

When I visit https://freakattack.com/clienttest.html with Fx36 I get the all clear

Good News! Your browser appears to be safe from the FREAK Attack! 

but I am not at the moment using Windows. I will check from Windows and post again if that shows an error; but even if it does; I can not see that it will be an issue, other than a false positive, because Firefox is not listed as vulnerable.

Bewerkt door John99 op

more options

That Freak Attack test is clear for me with Firefox 28.0 on WinXP.

more options

which security software are you running on the pc?

more options

Gekozen oplossing

I am running Avast 2015 Free Antivirus + Windows Firewall. I just tested again with Avast Web Shield disabled - I get an all clear, same with my other browsers. Presumably this is because Avast is using its own certificate to do MITM. Not sure if I should be worried about that.

@John99 The link you gave is a different issue. I am looking at CVE-2015-0204

more options

Yes, you should be worried because even though Firefox has a secure connection to avast!, avast! has a vulnerable connection to the actual website.

In another thread, a user indicated that avast! has a program update that fixes this issue. https://support.mozilla.org/questions/1050235#answer-699463