Code Integrity Event ID 3033 when Firefox.exe loads mozavcodec.dll
Categories
(Core :: DLL Services, defect, P3)
Tracking
()
People
(Reporter: td47, Unassigned)
References
Details
Attachments
(1 file)
|
25.16 KB,
text/plain
|
Details |
User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:107.0) Gecko/20100101 Firefox/107.0
Steps to reproduce:
Just used Firefox browser in the normal way, but I run Event Viewer to check if any unusual errors are occurring with ANY errant software or apps.
Actual results:
Under the EV path: Applications & Services logs -> Windows -> Code Integrity -> Operational, I see this regularly under Windows 11:
Event Viewer Code Integrity Log ID 3033
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume3\Program Files\Mozilla Firefox\mozavcodec.dll that did not meet the Microsoft signing level requirements.
Expected results:
This error should NOT occur. As I am NOT an internals expert with Windows OR Firefox, I am unsure if this is Windows 11 security (AMSI or code signing interface) being too picky or strict, or if this is just the DLL has not been built with the latest Microsoft Signing tool libraries. As it is the main Firefox.exe calling the DLL, I placed the bug here first, as your teams may have the best insight into the issue.
|
Reporter | |
Comment 1•2 years ago
|
||
FYI: I also spotted this related error ID 3033:
"Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume3\Program Files\Mozilla Firefox\mozavutil.dll that did not meet the Microsoft signing level requirements."
NOTE: These happened until yesterday, possibly during/after resumes from sleep or reboots. I have NOT seen it today. BUT, I noticed that the following Microsoft Defender definitions update was applied early today:
"Security Intelligence Update for Microsoft Defender Antivirus - KB2267602 (Version 1.379.673.0)"
It is possible that Microsoft has fixed it, but as these can occur a few days apart, it would be useful to keep this bug report open for a while longer if that is OK.
|
|
Reporter | |
Comment 2•2 years ago
|
||
FYI: I checked again today, the problem is back, so the issues was NOT fixed by "Security Intelligence Update for Microsoft Defender Antivirus - KB2267602 (Version 1.379.673.0)"
Note that BOTH the EVENT ID 3033 errors, for mozavcodec.dll and mozavutil.dll are still occurring sporadically.
|
||
Comment 3•2 years ago
|
||
Thanks for the report.
@Bob, do you know if we've seen this problem before and/or if it looks like a bug? The about:support page shows Malwarebytes is installed.
|
|
Reporter | |
Comment 4•2 years ago
|
||
FYI: Sorry, I should have mentioned in my previous comment, that this issue is happening with the same DLL's as in this Bug report, on both my Windows 11 desktop, AND my Windows 10 desktop, and BOTH are at OS versions 22H2, with all available updates on both. I assume that this would eliminate any suspicion about a profile issue in the FF browsers.
|
||
Comment 5•2 years ago
|
||
I'm pretty sure this is bug 1796391.
It should be fixed properly in bug 1797136, which is in Fx108.
I'll check Beta in a bit to make sure it's gone (I have steps to reproduce for Release).
|
|
||
Comment 6•2 years ago
|
||
I've confirmed that I no longer see this on Firefox Beta, so I'm duplicating this over to bug 1797136.
Thanks again for reporting.
Description
•