Tìm kiếm hỗ trợ

Tránh các lừa đảo về hỗ trợ. Chúng tôi sẽ không bao giờ yêu cầu bạn gọi hoặc nhắn tin đến số điện thoại hoặc chia sẻ thông tin cá nhân. Vui lòng báo cáo hoạt động đáng ngờ bằng cách sử dụng tùy chọn "Báo cáo lạm dụng".

Learn More

New Firefox installer?

  • 4 trả lời
  • 1 gặp vấn đề này
  • 12 lượt xem
  • Trả lời mới nhất được viết bởi James

more options

Hi

I recently downloaded Firefox from the main download page https://www.mozilla.org/en-US/firefox/ The actual download link was: https://cdn.stubdownloader.services.mozilla.com/builds/firefox-stub/en-US/win/aeb02dfeae750c7fa2abe9c7bc07b48193110ac61e2169456253638270735d21/Firefox%20Installer.exe

I normally check my downloads using https://virusscan.jotti.org or https://virustotal.com before I run them with admin privileges. Anyway when I uploaded to http://www.virustotal.com the first thing I noticed was that it had never seen the hash before! (SHA1 hash is 3a974b7394597de41230f7517c293e4b6386eeab.) Once it was uploaded, it was promptly detected by the Cylance antivirus engine.

Can somebody please get in touch with Cylance? I suppose I could contact them myself; however, I prefer not to report it as a "false positive" on the off-chance that particular download actually is corrupted or I got a man in the middle- after all, it's surprising that VirusTotal has never seen this hash before.

Tất cả các câu trả lời (4)

more options

Some protection programs don't like the update/install stubs. Go here for the full installer.

http://www.mozilla.org/en-US/firefox/all/ Download Firefox For All Languages And Systems

Hữu ích?

more options

Thanks for the reply. Turns out a new Firefox version was released yesterday, which explains why VirusTotal hadn't seen the hash of the stub-installer before.

The full, offline installer tests clean, as expected, but interestingly, it reports the following "tags" (see the area of the attached screenshot that I've highlighted in blue):

"cve-1999-0016 cve-2004-0790 cve-2005-0068 exploit overlay peexe signed upx"

This is intriguing: my resumé also gets flagged as "exploit"; the Firefox full installer and my resumé are in fact the only 2 files I have ever seen tagged as "cve-1999-0016" or "exploit."

Hữu ích?

more options

On that, you should contact the scanners support.

Hữu ích?

more options

Mozilla uses cdns to serve Firefox downloads as a more direct one is for example https://archive.mozilla.org/pub/firefox/releases/90.0/win64/


Cylance, Clam, Antiy-AVL, and Jiangmin (and also Norton at times) have done "False Positives" frequently over the years and is often the only one getting a hit when the others are undetected on virustotal or in the antivirus clients.

The common reason for these to have false positives is with 7zS.sfx (look in details on page) which is the 7-ZIP self extractor used since early on and these mentioned antivirus get the occasional false positive hit on that.

Firefox setups for Windows have been self-extracting 7z since the Firefox 0.8 Release (Feb 2004).

For reading as Bugzilla is Not a discussions forum like here. ex: Bug#1468067 - Firefox installer doesn't pass VirusTotal test

"Cylance appears to be detecting anything that's been through UPX as unsafe."

Hữu ích?

Đặt một câu hỏi

Bạn phải đăng nhập vào tài khoản của bạn để trả lời bài viết. Vui lòng bắt đầu một câu hỏi mới, nếu bạn chưa có tài khoản.