Mozilla is warning Firefox users to update their browsers to the latest version to avoid facing disruption and security risks caused by the upcoming expiration of one of the company’s root certificates.
The Mozilla certificate is set to expire this Friday, March 14, 2025, and was used to sign content, including add-ons for various Mozilla projects and Firefox itself.
Users need to update their browsers to Firefox 128 (released in July 2024) or later and ESR 115.13 or later for ‘Extended Support Release’ (ESR) users.
“On 14 March a root certificate (the resource used to prove an add-on was approved by Mozilla) will expire, meaning Firefox users on versions older than 128 (or ESR 115) will not be able to use their add-ons,” warns a Mozilal blog post.
“We want developers to be aware of this in case some of your users are on older versions of Firefox that may be impacted.”
A Mozilla support document explains that failing to update Firefox could expose users to significant security risks and practical issues, which, according to Mozilla, include:
- Malicious add-ons can compromise user data or privacy by bypassing security protections.
- Untrusted certificates may allow users to visit fraudulent or insecure websites without warning.
- Compromised password alerts may stop working, leaving users unaware of potential account breaches.
Users are recommended to check and confirm they’re running Firefox version 128 and later via Menu > Help > About Firefox. This action should also automatically trigger a check for updates.
It is noted that the problem impacts Firefox on all platforms, including Windows, Android, Linux, and macOS, except for iOS, where there’s an independent root certificate management system.
Mozilla says that users relying on older versions of Firefox may continue using their browsers after the expiration of the certificate if they accept the security risks, but the software’s performance and functionality may be severely impacted.
“We strongly advise you to update to the latest version to avoid these issues and ensure your browser stays secure and efficient,” advises Mozilla.
Mozilla has also set up a support thread for users who encounter problems or need help updating their Firefox browsers.
Users of Firefox-based browsers like Tor, LibreWolf, and Waterfox should also ensure they’re running a version based on Firefox 128 and later.
Based on an analysis of 14M malicious actions, discover the top 10 MITRE ATT&CK techniques behind 93% of attacks and how to defend against them.
