Hi All,
I know that the first answer to this is going to be "ask your RMM provider" but...
I use Datto RMM and they have an integration that can install and keep TB up … (читать ещё)
Hi All,
I know that the first answer to this is going to be "ask your RMM provider" but...
I use Datto RMM and they have an integration that can install and keep TB up to date with the latest patches. I have TB installed in a stock system image that I use (v60 something I think) for one particular customer.
Unbeknownst to me, for the past few weeks RMM has been complaining that the downloaded TB installer "did not pass verification checks for its digital signature." and it had been failing to install updates. I'm still trying to find out exactly what that means, I understand what I says, but not why it didn't pass.
Up to this point it was identifying the currently installed version as "Mozilla Thunderbird (x86 en-US)" without giving a specific version number. I assume it was pulling this info from windows directly although I'm not sure and will ask Datto support.
From the RMM logs I see that a couple of days ago it stopped complaining about the digital signature and "upgraded" using the installer from https://download.mozilla.org/?product=thunderbird-91.8.1-SSL&os=win&lang=en-US.
The following day, it started reporting that the installed version was "Currently installed: Mozilla Thunderbird 38.5.0 (x86 en-US)" and I started getting support calls as "all of my email has vanished".
Uninstalling 38.5.0 and re-installing with a cleanly downloaded copy of 91.8.1 resolves the issue.
So, can anyone shed any light on what might have been going on here. Has there been a problem with the code signing cert?, was this a supply chain attack?, did someone accidentally upload a 7 year old build of the installer?
I think my problem is resolved but I would really like to be able to work out what the heck happened.
Anyone got any insight?