Mozilla Rolls Out Emergency Fix After Firefox Disables Add-Ons En Masse

Mozilla said on Saturday it was rolling out an emergency fix for a bug in its browser infrastructure that disabled add-ons for most users.

The patch is to be automatically applied to general release users, as well as those using beta and nightly builds, the company said.

It said the short-term patch is being sent out to users via a system called Studies that’s generally used for testing experimental features.

Users can ensure the Studies feature is enabled by looking for it under the Privacy & Security section of Firefox’s Preferences menu.

Expired certificate

The bug was caused by an expired certificate used to validate Firefox add-ons, Mozilla developers said in a bug report.

The certificate expired at midnight GMT (1 a.m. BST) on Friday, causing most add-ons to be disabled en masse for nearly all users, developers said.

The browser indicated that the add-ons were unsupported and needed to be updated, but users who tried to download updates were met with an error message.

The real issue was the expired certificate, according to Mozilla.

The only users who weren’t affected were users of Developer or Nightly versions who had disabled the signature requirement for extensions, developers said.

Mozilla initially posted a message on Twitter saying it had become aware of the problem at about 3 a.m. BST on Saturday.

At about noon BST the company said it had readied a fix.

By then social media sites including Twitter and Reddit were flooded with complaints by users whose add-ons had abruptly stopped working.

“We rolled-out a fix for release, beta and nightly users on Desktop,” the company said in a statement.  “The fix will be automatically applied in the background within the next few hours, you don’t need to take active steps.

“We are working on a general fix that doesn’t need to rely on this and will keep you updated.”

Interim fix

While awaiting a fix, some users suggested the problem could be temporarily solved by setting the system’s clock back several hours, although such a step could have side-effects such as putting an incorrect time stamp on emails sent from that system.

Other users pointed out that users can side-step the validation system with the faulty certificate by using Firefox’s debug mode.

The mode allows XPI extension files to be installed directly from the desktop.

XPI files can be downloaded from Mozilla’s add-ons site by right-clicking on the “Install” button.

Developers said on the bug tracking page that not all add-ons were disabled.

But acknowledged that the bug was an embarrassing error on Mozilla’s part.

“If the signature was due to expire, it should have been renewed weeks ago,” wrote one developer.

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

AT&T Admits Data Breach Impacted “Nearly All” Customers

American telecommunications giant AT&T admits that “nearly all” customer accounts were compromised in 2022 breach

2 days ago

Elon Musk’s X Breached DSA Rules, EU Finds

X's Blue checks 'used to mean trustworthy sources of information. Now our preliminary view is…

2 days ago

Japan’s SoftBank Acquires AI Chip Start-up Graphcore

SoftBank Group has purchased another British chip firm, with the acquisition of Bristol-based Graphcore Ltd…

2 days ago

Samsung AI-Upgraded Bixby Voice Assistant Coming This Year

Samsung reportedly confirms it will launch the upgraded voice assistant Bixby this year, that will…

3 days ago

Next Neuralink Brain Implant Coming Soon, Says Musk

Despite an issue with first Neuralink implant in a patient, Elon Musk says second brain…

3 days ago

EU Accepts Apple’s Legal Commitments To Open NFC Access

Legal commitment over Apple's NFC-based mobile payments system, which is to be opened to rival…

3 days ago