Someone with the following user-agent string: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:126.96.36.199) Gecko/2009070611 Firefox/3.0.12 WinNT-PAI 12.06.2009 AutoPager/0.5.2.2 (http://www.teesoft.info/) reported getting the "We’re sorry to report this, but your computer does not meet the minimum system requirements to run this version of Firefox." I'm yet to find out what is automatically adding the "WinNT-PAI" to the string, but for the purpose of this bug it's clearly failing to grab the first "NT 5.1" that is in the string - I reproduced the problem by manually adding "WinNT-PAI" bit to the end of mine.
A quick google search finds a Trojan:Win32/FakeXPA http://www.threatexpert.com/report.aspx?md5=72e15bf94e8cb6ea2fc8d0626774ddd2 If this really is a trojan and detectable in user-agent strings, perhaps we could let them know this and link to http://www.geekpolice.net/malware-removal-guides-f12/how-to-remove-personalav-removal-guide-t11001.htm or something?
We have a number of users experiencing this for various reasons. Any chance we can update our UA sniffing code?
Associated threads: Firefox says I do not have the minimum requirements to load Firefox 3.5 http://support.mozilla.com/en-US/forum/1/503001 I tried to load Firefox and got a message that my system doesn't meet the minimum requirements; what does this mean? http://support.mozilla.com/en-US/forum/1/492305
From http://svn.mozilla.org/projects/mozilla.com/trunk/js/download.js : * The regular expression matches: * - WinNT (not followed by version or followed bu version < 5) gPlatformUnsupported includes: (Win(16|9[x58]|NT( | [^0-9]|[^ ]|$)) The WinNT[^ ] case is what's being hit here. Perhaps that should just be [^ -]?
From bug 554474 (duplicate in comment #5) similar user agent is broken, Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; SpamBlockerUtility 4.8.4; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; WinNT-EVU 11.12.2009) Also hitting the WinNT-
Shall we go with Gavin's [^ -] suggestion? That works for me. I don't know a better solution so far. Also, I'm not sure what our unsupported platforms are, or what those user agent strings could be. This makes it hard to test. By chance, are those documented somewhere? (i.e. testing that unsupported platforms are still matched, and we only changed this edge case)
Attachment #435053 - Flags: review? → review?(fwenzel)
Comment on attachment 435053 [details] [diff] [review] Patch v1 Looks good.
Attachment #435053 - Flags: review?(fwenzel) → review+
Now for the bad news, I found a source claiming these additions to the user agent are caused by malware: http://bink.nu/forums/t/24134.aspx . When searching for EVU (re: comment 6), another group of them pops up. These users seem to unwillingly be part of a fun little bot net.
r65700 Patch v1 on trunk Over to QA
Assignee: buchanae → mozwebqa
Filed bug 559111 for any discussion about detecting malware and notifying the user, since that seems like a much bigger project than this bug.
Looks good using: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:188.8.131.52) Gecko/2009070611 Firefox/3.0.12 WinNT-PAI 12.06.2009 AutoPager/0.5.2.2 Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; SpamBlockerUtility 4.8.4; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; WinNT-EVU 11.12.2009) I want to do a bit more regression-testing with IE 6, 7, 8, Opera, Chrome, and Safari on Windows (and, probably check Linux/Mac, too, just to be sure). I'll update a little later; pushing out AMO right now.
OK, tested on Windows 2000, Windows Server 2003, Vista; haven't found any issues.
Back to Alex.
Assignee: mozwebqa → abuchanan
r70315 on stage/prod
Status: NEW → RESOLVED
Last Resolved: 8 years ago
Resolution: --- → FIXED
Verified FIXED on prod, using Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; SpamBlockerUtility 4.8.4; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; WinNT-EVU 11.12.2009) as my user agent.
Status: RESOLVED → VERIFIED
Component: www.mozilla.org/firefox → www.mozilla.org
Product: Websites → Websites
Component: www.mozilla.org → General
Product: Websites → www.mozilla.org
You need to log in before you can comment on or make changes to this bug.