Since the release of Firefox 65 in late January, many users on Windows systems have had connectivity issues resulting from conflicts between the Web browser and third-party antivirus software. The new Firefox version 68, whose release is scheduled for next Tuesday, July 9, 2019, is designed to address these issues. AV software as an “attacker”. The conflicts in the past were that Firefox reported error messages when calling HTTPS web pages, classifying the connection as “unsafe” (error message “SEC_ERROR_UNKNOWNOWN_ISSUER”).
The cause for these error messages explained now a Firefox developer in a blog entry. Antivirus software is usually configured to try to “man-in-the-middle” (MitM) in TLS connections to scan transmitted data “even before they reach the browser.” Unlike other browsers, Firefox does not rely on the operating system’s own certificate store to verify the trustworthiness of installed (security) software, but uses its own. However, the AV software apparently leveraged the fact that Firefox failed to verify it by means of a certificate as (legitimate) MitM causer. As a consequence, websites called via HTTPS were not reachable due to the seemingly insecure connection.