We have finished analyzing what happened with this incident. The root cause is an incompatibility between the protocol used in the newerst versions of the `aswJsFlt.dll` library with respect to previous versions, which triggered a server-side crash. The server-side bug should now be patched in the latest versions of the DLL. The scenario to reproduce the crash is as follows: - Install an old version of Avast with version 18.0.1473.0 of `aswJsFlt.dll`. - Start Firefox. A named pipe server thread will run in the main process using version 18.0.1473.0 of `aswJsFlt.dll`. - Receive an Avast update in the background that changes the version of `aswJsFlt.dll` to something more recent than 18.0.1473. - Open new tabs. The new child processes will run with the new version of the DLL and communicate on the named pipe. - Visit a website which uses a JavaScript script with a size of at least 2KB in one of the new tabs.
Bug 1794064 Comment 17 Edit History
Note: The actual edited comment in the bug view page will always show the original commenter’s name and original timestamp.
We have finished analyzing what happened with this incident. The root cause is an incompatibility between the protocol used in the newest versions of the `aswJsFlt.dll` library with respect to previous versions, which triggered a server-side crash. The server-side bug should now be patched in the latest versions of the DLL. The scenario to reproduce the crash is as follows: - Install an old version of Avast with version 18.0.1473.0 of `aswJsFlt.dll`. - Start Firefox. A named pipe server thread will run in the main process using version 18.0.1473.0 of `aswJsFlt.dll`. - Receive an Avast update in the background that changes the version of `aswJsFlt.dll` to something more recent than 18.0.1473. - Open new tabs. The new child processes will run with the new version of the DLL and communicate on the named pipe. - Visit a website which uses a JavaScript script with a size of at least 2KB in one of the new tabs.
We have finished analyzing what happened with this incident. The root cause is an incompatibility between the protocol used in the newest versions of the `aswJsFlt.dll` library with respect to previous versions, which triggered a server-side crash. The server-side bug should now be patched in the latest versions of the DLL. The scenario to reproduce the crash is as follows: - Install an old version of Avast with version 18.0.1473.0 of `aswJsFlt.dll`. - Start Firefox. A named pipe server thread will run in the main process using version 18.0.1473.0 of `aswJsFlt.dll`. - Receive an Avast update in the background that changes the version of `aswJsFlt.dll` to something more recent than 18.0.1473.0. - Open new tabs. The new child processes will run with the new version of the DLL and communicate on the named pipe. - Visit a website which uses a JavaScript script with a size of at least 2KB in one of the new tabs. If I understood correctly, Avast intends to patch the upcoming version of the DLL as well, so that updating to it will not crash older versions of the named pipe server: new clients will not communicate with old version servers anymore.
We have finished analyzing what happened with this incident. The root cause is an incompatibility between the protocol used in the newest versions of the `aswJsFlt.dll` library with respect to previous versions, which triggered a server-side crash. The block from comment 5 was exactly what was required to mitigate this crash, and has likely allowed the vast majority of Firefox users to have their DLL updated without crashing. The server-side bug should now be patched in the latest versions of the DLL. The scenario to reproduce the crash is as follows: - Install an old version of Avast with version 18.0.1473.0 of `aswJsFlt.dll`. - Start Firefox. A named pipe server thread will run in the main process using version 18.0.1473.0 of `aswJsFlt.dll`. - Receive an Avast update in the background that changes the version of `aswJsFlt.dll` to something more recent than 18.0.1473.0. - Open new tabs. The new child processes will run with the new version of the DLL and communicate on the named pipe. - Visit a website which uses a JavaScript script with a size of at least 2KB in one of the new tabs. If I understood correctly, Avast intends to patch the upcoming version of the DLL as well, so that updating to it will not crash older versions of the named pipe server: new clients will not communicate with old version servers anymore.
We have finished analyzing what happened with this incident. The root cause is an incompatibility between the protocol used in the newest versions of the `aswJsFlt.dll` library with respect to previous versions, which triggered a server-side crash. The block from comment 5 was exactly what was required to mitigate this crash, and has likely allowed the vast majority of Firefox users to have their DLL updated without crashing. The server-side bug should now be patched in the latest versions of the DLL. The scenario to reproduce the crash is as follows: - Install an old version of Avast with version 18.0.1473.0 of `aswJsFlt.dll`. - Start a Firefox version compatible with your version of `aswJsFlt.dll` (in my case, 105.0.1 for 18.0.1473.0). A named pipe server thread will run in the main process using version 18.0.1473.0 of `aswJsFlt.dll`. - Receive an Avast update in the background that changes the version of `aswJsFlt.dll` to something more recent than 18.0.1473.0. - Open new tabs. The new child processes will run with the new version of the DLL and communicate on the named pipe. - Visit a website which uses a JavaScript script with a size of at least 2KB in one of the new tabs. If I understood correctly, Avast intends to patch the upcoming version of the DLL as well, so that updating to it will not crash older versions of the named pipe server: new clients will not communicate with old version servers anymore.
We have finished analyzing what happened with this incident. The root cause is an incompatibility between the protocol used in the newest versions of the `aswJsFlt.dll` library with respect to previous versions, which triggered a server-side crash. The block from comment 5 was exactly what was required to mitigate this crash, and has likely allowed the vast majority of Firefox users to have their DLL updated without crashing. The server-side bug should now be patched in the latest versions of the DLL. The scenario to reproduce the crash is as follows: - Install an old version of Avast with version 18.0.1473.0 or older of `aswJsFlt.dll`. - Start a Firefox version that is supported by your version of `aswJsFlt.dll` (in my case, 105.0.1 for 18.0.1473.0). A named pipe server thread will run in the main process using version 18.0.1473.0 or older of `aswJsFlt.dll`. - Receive an Avast update in the background that changes the version of `aswJsFlt.dll` to something more recent than 18.0.1473.0. - Open new tabs. The new child processes will run with the new version of the DLL and communicate on the named pipe. - Visit a website which uses a JavaScript script with a size of at least 2KB in one of the new tabs. If I understood correctly, Avast intends to patch the upcoming version of the DLL as well, so that updating to it will not crash older versions of the named pipe server: new clients will not communicate with old version servers anymore.
We have finished analyzing what happened with this incident. The root cause is an incompatibility between the protocol used between main and content Firefox processes in the newest versions of the `aswJsFlt.dll` library with respect to previous versions, which triggered a server-side crash. The block from comment 5 was exactly what was required to mitigate this crash, and has likely allowed the vast majority of Firefox users to have their DLL updated without crashing. The server-side bug should now be patched in the latest versions of the DLL. The scenario to reproduce the crash is as follows: - Install an old version of Avast with version 18.0.1473.0 or older of `aswJsFlt.dll`. - Start a Firefox version that is supported by your version of `aswJsFlt.dll` (in my case, 105.0.1 for 18.0.1473.0). A named pipe server thread will run in the main process using version 18.0.1473.0 or older of `aswJsFlt.dll`. - Receive an Avast update in the background that changes the version of `aswJsFlt.dll` to something more recent than 18.0.1473.0. - Open new tabs. The new child processes will run with the new version of the DLL and communicate on the named pipe. - Visit a website which uses a JavaScript script with a size of at least 2KB in one of the new tabs. If I understood correctly, Avast intends to patch the upcoming version of the DLL as well, so that updating to it will not crash older versions of the named pipe server: new clients will not communicate with old version servers anymore.
We have finished analyzing what happened with this incident. It involves named pipe IPC between a server that runs in the Firefox main process and its clients who run in child processes, in particular content processes. The root cause of the incident is that the new protocol used to communicate on the named pipe in the newest versions of `aswJsFlt.dll` is incompatible with the one used in older versions, and this can trigger a server-side crash. The block from comment 5 was exactly what was required to mitigate this crash, and has likely allowed the vast majority of Firefox users to have their DLL updated without crashing. The server-side bug should now be patched in the latest versions of the DLL. If I understood correctly, Avast intends to patch the upcoming version of the DLL as well, so that updating to it will not crash older versions of the named pipe server: new clients will not communicate with old version servers anymore. The scenario to reproduce the crash is as follows: - Install an old version of Avast with version 18.0.1473.0 or older of `aswJsFlt.dll`. - Start a Firefox version that is supported by your version of `aswJsFlt.dll` (in my case, 105.0.1 for 18.0.1473.0). A named pipe server thread will run in the main process using version 18.0.1473.0 or older of `aswJsFlt.dll`. - Receive an Avast update in the background that changes the version of `aswJsFlt.dll` to something more recent than 18.0.1473.0. - Open new tabs. The new child processes will run with the new version of the DLL and communicate on the named pipe. - Visit a website which uses a JavaScript script with a size of at least 2KB in one of the new tabs.
We have finished analyzing what happened with this incident. It involves named pipe IPC between a server that runs in the Firefox main process and its clients who run in child processes, in particular content processes. The root cause of the incident is that the new protocol used to communicate on the named pipe in the newest versions of `aswJsFlt.dll` is incompatible with the protocol used in older versions, and this can trigger a server-side crash. The block from comment 5 was exactly what was required to mitigate this crash, and has likely allowed the vast majority of Firefox users to have their DLL updated without crashing. The server-side bug should now be patched in the latest versions of the DLL. If I understood correctly, Avast intends to patch the upcoming version of the DLL as well, so that updating to it will not crash older versions of the named pipe server: new clients will not communicate with old version servers anymore. The scenario to reproduce the crash is as follows: - Install an old version of Avast with version 18.0.1473.0 or older of `aswJsFlt.dll`. - Start a Firefox version that is supported by your version of `aswJsFlt.dll` (in my case, 105.0.1 for 18.0.1473.0). A named pipe server thread will run in the main process using version 18.0.1473.0 or older of `aswJsFlt.dll`. - Receive an Avast update in the background that changes the version of `aswJsFlt.dll` to something more recent than 18.0.1473.0. - Open new tabs. The new child processes will run with the new version of the DLL and communicate on the named pipe. - Visit a website which uses a JavaScript script with a size of at least 2KB in one of the new tabs.
We have finished analyzing what happened with this incident. It involves named pipe IPC between a server that runs in the Firefox main process and its clients who run in child processes, in particular content processes. The root cause of the incident is that the new protocol used to communicate on the named pipe in the newest versions of `aswJsFlt.dll` is incompatible with the protocol used in older versions, and this can trigger a server-side crash. The block from comment 5 was exactly what was required to mitigate this crash, and has likely allowed the vast majority of Firefox users to have their DLL updated without crashing. The server-side bug should now be patched in the latest versions of the DLL. If I understood correctly, Avast intends to patch the upcoming version of the DLL as well, so that updating to it will not crash older versions of the named pipe server anymore: new clients will not communicate with old version servers. The scenario to reproduce the crash is as follows: - Install an old version of Avast with version 18.0.1473.0 or older of `aswJsFlt.dll`. - Start a Firefox version that is supported by your version of `aswJsFlt.dll` (in my case, 105.0.1 for 18.0.1473.0). A named pipe server thread will run in the main process using version 18.0.1473.0 or older of `aswJsFlt.dll`. - Receive an Avast update in the background that changes the version of `aswJsFlt.dll` to something more recent than 18.0.1473.0. - Open new tabs. The new child processes will run with the new version of the DLL and communicate on the named pipe. - Visit a website which uses a JavaScript script with a size of at least 2KB in one of the new tabs.