MozillaZine

Upgrading To 57 A Big Mistake

User Help for Mozilla Firefox
wingspar

User avatar
 
Posts: 123
Joined: April 23rd, 2004, 10:16 am

Post Posted January 11th, 2018, 11:24 pm

Another question. I see a number appearing over the AdBlock Plus icon and it constantly changes. What is that number for?
Gary
Will Fly for Food

Vitesse
 
Posts: 1236
Joined: April 21st, 2011, 6:03 pm

Post Posted January 12th, 2018, 2:22 am

Firefox dropped mainstream support for XP - and Vista - a while back. If you wish to use an XP machine with Firefox, the latest version which you can use is 52 ESR (Extended Support Release), which is primarily designed for enterprise users. It still receives seccurity updates, but you should be aware that in due course even that will eventually no longer work on XP.

If you're unhappy with Firefox 57 on your main Winows 7 system then rather than reverting to Firefox 56, can I suggest that you look at Waterfox? It is essentially Firefox 56, will continue to receive security fixes and developments and installs alongside Firefox, using its own profile, which it will import from your existing Firefox.

Kevin McFarlane
 
Posts: 514
Joined: November 10th, 2009, 3:47 am

Post Posted January 12th, 2018, 4:13 am

wingspar wrote:
DanRaisch wrote:Just make sure your running a really good anti-virus with that out of date and vulnerable version of Firefox.


56 was last updated in October. To me, that is NOT old and outdated. Yes, I run a very strong firewall and antivirus.


Out of date as in it will not get security updates.

smsmith
Moderator

User avatar
 
Posts: 19542
Joined: December 7th, 2004, 8:51 pm
Location: Indiana

Post Posted January 12th, 2018, 7:40 am

wingspar wrote:Another question. I see a number appearing over the AdBlock Plus icon and it constantly changes. What is that number for?

The number of items blocked on the page by your filters.

Also, as Kevin mentions, v56 will no longer get updates. v57 has had at least one security related update since its release, and it's going to be retired itself in about a week or two. At this point, if you really insist on using an older version of Fx, the absolute best option is to use the ESR (extended support release), which is meant for people/groups that don't need or want to update every six weeks. It won't be retired until July, I believe, before being updated to v60+/- base.
Give a man a fish, and he eats for a day. Teach a man to fish, and he eats for a lifetime.
I like poetry, long walks on the beach and poking dead things with a stick.
Please do not PM me for personal support. Keep posts here in the Forums instead and we all learn.

RobertJ
Moderator

User avatar
 
Posts: 10390
Joined: October 15th, 2003, 7:40 pm
Location: Chicago IL/Oconomowoc WI

Post Posted January 12th, 2018, 3:32 pm

.
As smsmith and others have said, moving to the ESR is the best solution until July; after that ESR it will be based on FF60.

If you haven't read about the latest Meltdown and Spectre bugs that affect a variety of CPUs, you should. FF57 has made changes to mitigate the problem.

Security should not be taken lightly; and, virus protection is not enough. It will not solve the malware threat.

Ignore at your own risk.

.
FF 57.0.4 - FF 58b16 - Palemoon 27.6.2 - TB 52.5.2 - Mac OSX 10.13.2
Computers I've used: IBM 7094/UNIVAC 1108/IBM 360/DEC PDP11/DEC VAX-11 780/DEC VAXstation 8000/Sun SPARCstation 2/Mac from 1984 to 2018

Frank Lion

User avatar
 
Posts: 19632
Joined: April 23rd, 2004, 6:59 pm
Location: ... The Exorcist....United Kingdom

Post Posted January 12th, 2018, 4:28 pm

http://slash7.com/2006/12/22/vampires/


wingspar wrote:That isn’t what I want to do. I want to go back to 56.

We are here solely to grant your every wish - http://ftp.mozilla.org/pub/firefox/releases/56.0.2/

Sorted.
Metal Lion latest SeaMonkey & Thunderbird Themes - Sea Monkey and Silver Sea Monkey
"The only thing necessary for the triumph of evil, is for good men to do nothing." - Edmund Burke (attrib.)

makaiguy

User avatar
 
Posts: 16524
Joined: November 18th, 2002, 6:44 pm
Location: Somewhere in SE USA

Post Posted January 12th, 2018, 4:55 pm

Frank Lion wrote:http://slash7.com/2006/12/22/vampires/


Great find, Frank.
Doug Wilson, "The Makai Guy"
Win10 (64bit): FF 52.4.0 ESR (64bit), TB 52.3.0 (32bit)║ Android 7.0/7.1.1: FF 57.0, No TB for Android available, dammit!
What a fool believes he sees, no wise man has the power to reason away - Doobie Brothers

LIMPET235
Moderator

User avatar
 
Posts: 37869
Joined: October 19th, 2007, 1:53 am
Location: The South Coast of N.S.W. Oz.

Post Posted January 13th, 2018, 2:45 am

Just a FWIW, if anyone cares to "take the test."
From, > https://www.askwoody.com/
Günter Born has an important recap of the the test website xlab.tencent.com,
which "has a tool" that can check to see if your browser is currently susceptible to Spectre attacks.


Well, after trying it in my old/er version, I am not vulnerable,
but with v57.0, I am.
Test site > http://xlab.tencent.com/special/spectre ... check.html

Interesting.
Ancient Amateur Astronomer
Win-7-HP/Intel® DualCore-2.0GHz/500G HDD/4 Gig Ram/550Watt PSU/350WattUPS/Firefox-20.0-56.0.1-57.0/T-bird-2.0.0.24/SnagIt-v10.0.1/MWP-7.11.0.
RadioYachting. (Always choose the "Custom" Install.)

Brummelchen
 
Posts: 2857
Joined: March 19th, 2005, 10:51 am

Post Posted January 13th, 2018, 3:02 am

my 57.0.4 is NOT concerned - fresh profile - seems you have nuts :p
$ Start checking...
$
$ According to our checking
$ Your browser is NOT VULNERABLE to Spectre
$

a notice to current question - we should not take care again of quantum deniers - let them run into trouble, thats no longer our business, too much talking about pros and cons and rants. although i am a responsible - just fed up. [-(

bob c
 
Posts: 94
Joined: September 7th, 2003, 10:09 am

Post Posted January 13th, 2018, 3:54 am

LIMPET235 wrote:Just a FWIW, if anyone cares to "take the test."
From, > https://www.askwoody.com/
Günter Born has an important recap of the the test website xlab.tencent.com,
which "has a tool" that can check to see if your browser is currently susceptible to Spectre attacks.


Well, after trying it in my old/er version, I am not vulnerable,
but with v57.0, I am.
Test site > http://xlab.tencent.com/special/spectre ... check.html

Interesting.




Is that site for real on the test. States my browsers, 3, (SeaMonkey, ESR, 57.0.4), all are not vulnerable. How can that be? What am I missing? Or is it not legit?

Frank Lion

User avatar
 
Posts: 19632
Joined: April 23rd, 2004, 6:59 pm
Location: ... The Exorcist....United Kingdom

Post Posted January 13th, 2018, 4:21 am


Yeah, because I'm really going to click a button on an unknown Chinese test site for Spectre vulnerability,, all on the assumption that the 'askwoody' site has checked it out properly.

Not going to happen.
Metal Lion latest SeaMonkey & Thunderbird Themes - Sea Monkey and Silver Sea Monkey
"The only thing necessary for the triumph of evil, is for good men to do nothing." - Edmund Burke (attrib.)

LIMPET235
Moderator

User avatar
 
Posts: 37869
Joined: October 19th, 2007, 1:53 am
Location: The South Coast of N.S.W. Oz.

Post Posted January 13th, 2018, 4:22 am

Why is my v57.0 vulnerable?

Well, it's probably because it's just that > v57.0 & not the latest, 57.0.4 or whatever "they're" up to now.

Strange that it said my old/er version was not though.
Image

&, Yes.
The test is legit. (Woody & Gunter said so.) :)

It's just getting a few minor? tweaks.
Ancient Amateur Astronomer
Win-7-HP/Intel® DualCore-2.0GHz/500G HDD/4 Gig Ram/550Watt PSU/350WattUPS/Firefox-20.0-56.0.1-57.0/T-bird-2.0.0.24/SnagIt-v10.0.1/MWP-7.11.0.
RadioYachting. (Always choose the "Custom" Install.)

bob c
 
Posts: 94
Joined: September 7th, 2003, 10:09 am

Post Posted January 13th, 2018, 6:17 am

This is from article at ghacks.net (https://www.ghacks.net/2018/01/11/find- ... e-attacks/) website about the Tencents test for vulnerability.


"This uncertainty is a thing of the past however as Tencent’s XUANWU Lab released an online tester that checks whether web browsers are vulnerable to Spectre."

therube

User avatar
 
Posts: 18177
Joined: March 10th, 2004, 9:59 pm
Location: Maryland USA

Post Posted January 13th, 2018, 7:02 am

Not all browser versions were affected by all the associated exploits.
52 is not affected (or not affected - enough), though the next 52.6 ESR release will have additional mitigations.
57.0.0 - 57.0.3 were affected, with some "fixes" included in 57.0.4 (& you've got to figure that 58 will have more).
Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.19) Gecko/20110420 SeaMonkey/2.0.14 Pinball CopyURL+ FetchTextURL FlashGot NoScript

mightyglydd

User avatar
 
Posts: 9090
Joined: November 4th, 2006, 7:07 pm
Location: Hollywood Ca.

Post Posted January 13th, 2018, 9:12 am

Brummelchen wrote:quantum deniers

Oh dear..... a new talking point/'name shaming' for Moz-Co agnostics?
#KeepFightingMichael

Return to Firefox Support


Who is online

Users browsing this forum: Google Adsense [Bot] and 13 guests