In Firefox 65, warnings about MitM attacks will be extended

From version 61, a warning has appeared in the Firefox browser notifying the user if a program is trying to perform a MitM attack (Man-in-the-Middle). In the upcoming version of Firefox 65, this warning will be supplemented with information indicating that the antivirus program may be causing the error.

MOZILLA_PKIX_ERROR_MITM_DETECTED error could appear in Firefox in several situations that are not related to attacks by hackers:

• when scanning encrypted traffic using antivirus;
  
• when analysing HTTPS traffic with various debugging tools.
  

In order to provide users with the most detailed information, MOZILLA_PKIX_ERROR_MITM_DETECTED error notifications will be expanded in Firefox 65.

Prior to version 65 in Firefox, notifications that a certificate could be used in a MitM attack were too uninformative. All the user could see was a brief warning: “Warning: Potential Security Risk Ahead”.

In the Firefox 65 version, a new warning will include an additional description indicating the problematic certificate that could potentially be involved in the MitM attack. The user will then be able to understand exactly which program led to the error - antivirus software, web debugger, or malware.

How to fix the MOZILLA_PKIX_ERROR_MITM_DETECTED error

If the certificate generating the error is legitimate (for example, it belongs to your anti-virus program), you can take the following steps so that the MOZILLA_PKIX_ERROR_MITM_DETECTED error is no longer displayed:

• disable SSL or HTTPS scanning in your antivirus;
  
• enable it again.
  

These actions will result in the antivirus certificate being added to the Firefox certificate store, and the warning disappearing.

If it was malicious or adware software that initiated the MitM attack (tried to insert a certificate), you will need to scan your computer and eliminate all dangerous programs.

Subscribe to our updates to be informed of the latest developments in the SSL world!