Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

"Something is trying to trick Firefox into accepting an insecure update. Please contract your network provider and seek help."

  • 40 replies
  • 1044 have this problem
  • 10 views
  • Last reply by mogra

more options

the above message appeared while I was viewing a website

the above message appeared while I was viewing a website

All Replies (20)

more options

EDITs

one main cause is now understood it is non standard firefox installs suffering from this look downthread at /questions/815130?page=2#answer-189408 

If you have seen this error you can help firefox developers track down the cause please now see my reply /questions/816780#answer-180759 <-- clickable link ->( if blue)-->


I would treat that with caution. It could well be a message designed to trick you into using an insecure site, next you could find other false security alerts, malware downloads or money demands. At present many users are seeing a genuine firefox generated error message


Unless your installation is already compromised the safest way to upgrade is to use the options from within the Firefox Menus. In Firefox 4 there is still the option to check for updates from

  • Firefox Button -> Help -> About Firefox (Check for Updates)

I think in the near future Firefox will; at least by default; be going over to silent updates, and you will then not need to worry about whether you do have to most uptodate version. Your System information is showing you use Firefox 4.0. There is an update for that out, the standard release is now 4.0.1

Modified by John99

more options

Firefox 4.0 - Windows XP 32

This happen from the Help / About menu, nothing to do with an external threat. Apparently it should be an auto-update problem of Firefox, but seem poorly documented. I had to update manually from 4.0 to 4.0.1 by dowloading the new version from Mozzilla. However, my new version now starts checking all add-ons upon start and drive me to the new update page each time I'm starting Firefox

Modified by Chriz

more options

@Chriz

As far as I am aware Firefox 4 should not take you to the add-ons manager each time you start and Firerfox 4 should not be checking compatibility of add-ons on each startup.

Your problem may be slightly different to the original post in this thread, so it may be worth starting your own thread. Are you running separate versions of Firefox but only using a single profile, that may cause similar problems.

I personally do not recognise the message in the thread title. I still consider it should be treated with suspicion. Documentation regarding the autoupdate see

more options

A user with Google Updater (from Google Pack) and Firefox 4 installed gets this error. Google Updater is supposed to be keeping Firefox up to date.

more options

Hi Adisharoon,
Do you have this problem yourself, and do you have Google Updater installed?
( I note Original Poster foxandmoose does not have Google Update listed as an installed plugin )

more options

There are now 94 users reporting this problem in this thread alone. (There are 2 other related threads I am aware of)

It may help is some of you start another thread, you can always link to this one, and try to include additional information such as

  1. what site/s is this happening on
  2. what is apparently generating the message
    ( a screenshot may help )
  3. can you reproduce the result
    • if so how ?
  4. is this blocking your upgrade from say Firefox 4.0 to 4.0.1
  5. have you tried in safe mode do you still get the problem
  6. please give a full list of all installed plugins

Modified by John99

more options

This is not an error message I have personally encountered, and I did initially think it may have been generated by thirdparty software.

It appears from what someone else has written that this error may occur if a certificate is not as expected. I surmise this may happen if you get updates from somewhere other than the official site. (OR as part of a blatent malware problem ) The info is not on an ordinary discussion forum, and unnecessary comments there could be considered spam so I will repeat the information almost in its entirety here instead of providing a link:


The

Firefox update mechanism requires that the certificate used by the web site that provides the update information be the certificate that Mozilla has purchased and this prevents certain types of attacks. If there are 5 failures in a row the notification is displayed. Some proxy software spoofs the certificate used to connect to secure web sites which is likely what is going on here.

Please open the error console (tools -> error console), click clear, open Help -> About, and copy / paste any entries displayed in the error console. Thanks


I myself would add that if you do look at the error console information it may be wise to clear all the entries before trying the update option. It would probably also be worth trying in safe mode - but do not make changes, click continue - and with no other tabs open other than a blank page.

more options

Hey guys I had this problem,came up twice on different web pages .One was googles home page !!!! ran full McAfee scan which came up Zero then ran malwarebytes anti malware full scan 3 hours later came back with I maltrace file ?in the form a list.txt this was deleted and havent seen message since,dont know whether this was the cause or not ,as i am not very technical ,but touch wood havent had any problems since,this was the log.

02/05/2011 11:12:41 mbam-log-2011-05-02 (11-12-41).txt

Scan type: Full scan (C:\|G:\|) Objects scanned: 330112 Time elapsed: 2 hour(s), 44 minute(s), 6 second(s)

Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 1

Memory Processes Infected: (No malicious items detected)

Memory Modules Infected: (No malicious items detected)

Registry Keys Infected: (No malicious items detected)

Registry Values Infected: (No malicious items detected)

Registry Data Items Infected: (No malicious items detected)

Folders Infected: (No malicious items detected)

Files Infected: C:\Users\David\list.txt (Malware.Trace) -> Quarantined and deleted successfully.

more options

Hi trevishubby,

Thanks for the comment, if this re-occurs and you get further information I hope you will post back again. If we can find out more about when this occurs someone may be able to find the cause.

To find the cause we will first of all need to be able to recreate the problem reliably, to give someone a case to investigate.

more options

Yo John99,

I have a similar/related issue(s). You've mentioned a couple of other threads, though this is the only one I've found.

Not having received the auto update 0.01 I'd read about, I've been trying for several days to apply a manual. I've had no success, with the resulting pop-out window advising FF is up to date at v.4.

Before receiving the "Tricky" message of this tread, I received a number of pop-out windows with the following text: "Something is preventing Firefox from updating securely. Please make sure that you have the latest version of Firefox from:...". I don't know if this message is mentioned in a related thread, or not.

Yesterday, for the first time, and on two different instances, I received the "Something is trying to trick Firefox into accepting an insecure update. Please contact your network provider and seek help." (The initial question @ top of page cites "contracts". Contracts? We don't need no stinkin' contracts!)

I do have the Google update v.1.3.21.53 plugin reflecting an update on 4/28, and a whole mess 'o other plugins & addons as well. I'm inclined to be reasonably patient w/respect to installing the security fix 0.01 & can leave all settings, logs, etc. untouched if other-guided review of same would be of help in reaching a resolution. I'm new to FF message boards & offering to help out etc. Let me know if I should hold off to help, or if I should break out the howitzers. Thanks John99

5/4/11 @ 1:ooAM EST - Edit: OK John99 .... I lied about the patience thing. After a few hours of snooping around, disabling various & sundry functions in various & sundry applications one at a time, trying manual updates after each, etc. & on & on, I broke down & installed v4.0.1 over v4. It's working flawlessly (so far, knock on wood). Ill continue to retain all logs, etc. intact as previously noted. Thanks - best luck to all.

Modified by BobsYourUncle

more options

Yo BobsYourUncle,

Firstly I think it is safe to assume the contract is just a typo and the word should have been contact. Secondly as it appears from someone else's info that this is a Firefox message caused after problems with security certificates there will probably be more than one cause of the problem.

Google Updater This may well be a special case, my personal thoughts at this time being

  • if anyone has links that discuss or explain this problem they may be handy
    • it may well explain part of the problem
    • users could then choose to live with the problem, or disable/uninstall the problem plugin
    • the google updater community may find or indeed already have a solution
  • if problem is because the google updater is doing something odd or using its own updating system then that is more of a problem with a site, or other software, as opposed to a firefox problem.

I presume the warning message should read:
Something is trying to trick Firefox into accepting an insecure update. Please contact your network provider and seek help
(By including that in the thread it may help others looking for this message)

Other Threads
The forum has a search feature, including an advanced search this link should find most other threads on the subject as it searches for the full message.

I am trying to post info in this thread, but will also look at the others. The advantage of a new thread is that it will hopefully contain the users system info, which is useful when trying to discuss a problem.

Modified by John99

more options

I have Firefox 4.0 on OSX. I found this error in the console errors:

Error: Expected certificate attribute 'commonName' value incorrect, expected: 'aus3.mozilla.org', got: '*.mozilla.org'. Source File: resource://gre/modules/CertUtils.jsm Line: 60

more options

Thanks bjamin335,

I will pass that info on to the bugzilla bug. Are you able to reproduce the error getting the warning message ? (if so it may help if you comment directly yourself)

more options

I just checked, someone has already noted similar info, but no one yet seems to be able to reliably reproduce the condition, are you able to ?

When did this occur, was it on attempting an upgrade from 4.0 to 4.0.1; if so what happens when you try to do that again same problem ? If so you may be the first person we are aware of who can reproduce the problem, and you may be able to help with efforts on solving this.

more options

Please Help if you have this problem
Multiple users replying to this will help. Some of the developers are trying to track down this problem.

There are now over 200 of you reporting you have seen this problem. It would help if we have more users able to provide error console details.

There are two things that you can do to help using the error console that is available from the firefox button.

  • if you see the error message displaying on your screen immediatly use the error console to check the errors.
  • especially if you are expecting an update that has not installed, use the update option from the about firefox option under the firefox button, and before and after trying that check the error console.

If you paste errors of interest into messages it may help. When doing so please also state

  • what version of firefox are you using now
  • did the update fail or succeed

Note

If you wish to try to recreate this error it probably helps if you are using a versionof firefox that needs updating if you downgrade to a previous version that should ensure that an upgrade will be required. Ensure you set firefox to check for upgrades.


Errors of interest Something similar to

Error: Expected certificate attribute 'commonName' value incorrect, expected: 'aus3.mozilla.org', got: '*.mozilla.org'. Source File: resource://gre/modules/CertUtils.jsm
Is definately of interest. It is the certificate errors that are of interest, are many of you getting an error showing *mozilla.org, or are other errors occuring.

Error Console

This is available from

  • Firefox Button -> Web Developer -> Error Console
  • or keyboard
    • Windows/Linux: Ctrl + Shift + J
    • Mac: Cmd + Shift + J

Have a look at the error console details before clearing it, do you see any of the certificate errors. After it has been cleared do these errors keep re-occuring. When you have the error console displayed the details may be copied and pasted, you may need to highlight individual errors with the mouse before they will copy.

more options

Warning: Expected declaration but found '*'. Skipped to next declaration. Source File: http://a.l.yimg.com/a/lib/s9/srp-core-css_201105021621.css Line: 1\ Whatever.... This message has been appearing on my machine too. I would send you my error console, (which is full) but I can't seem to drag all the messages and copy/paste them to this reply???

more options

New here, but, I have been getting the "Something is trying to trick Firefox into accepting an insecure update. Please contact your network provider and seek help." warning also. Running FF 4.0 - Help->about says I am up-to-date. (See attached screenshot) Here are the error console messages after I look at Help->About:

Error: Expected certificate attribute 'commonName' value incorrect, expected: 'aus3.mozilla.org', got: '*.mozilla.org'.    Source File: resource://gre/modules/CertUtils.jsm    Line: 60

Error: Certificate checks failed. See previous errors for details. Source File: resource://gre/modules/CertUtils.jsm Line: 72

These errors can be replicated every time, but the "trick" pop-up seems to happen randomly.

If this is not the help you are looking for I apologize for the clutter.

more options

Here is the screenshot promised in the previous post...

more options

@tommyboy

Thanks for the post, that is exactly what we are looking for. I am hoping others will also post with information, one thing we are trying to determine is if that is the message the majority see, relating to certs, or not.

The popup message is a genuine message, but it appears it is occurring when it should not. Developers are looking at it but having difficulty reproducing the problem.

  • What version of firefox are you using at the moment ?
  • Are you able to reproduce the problem ?
    • if so how ?
    • e.g. do you see these errors in the error console every-time you try to do an update ?
    • are your updates failing or succeeding ?
more options

@wilbur46

The error messages I am looking for are the ones that relate to certificates.

Errors about skipped declarations are fairly common, and not necessarily related to this problem.

As mentioned in my post above you may need to select individual errors with the mouse and then copy and paste them individually.

Often when the error Console is used it is cleared first, then whatever the test or problem is tried and the error console is looked at. Any errors are then recent ones relating to the test, however we are unable to use that method when looking for unexpected errors. What you could try to do is clear the error console fairly frequently. (there is an option to clear the console when you have it open).

  1. 1
  2. 2