Closed Bug 571514 Opened 15 years ago Closed 15 years ago

Norton saw that Firefox.exe as a threat

Categories

(Firefox :: General, defect)

Product:
Firefox
Component:
General
Platform:
x86
Windows XP
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED INCOMPLETE

People

(Reporter: Trevor.McAlear, Unassigned)

Details

(Whiteboard: [CLOSEME 2011-1-30])

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.3a6pre) Gecko/20100611 Minefield/3.7a6pre Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.3a6pre) Gecko/20100611 Minefield/3.7a6pre Norton Internet Security 2011(beta) saw that Firefox.exe was a threat. It proceeded to put Firefox.exe in to quarantine. I fix this error by restoring Firefox.exe. Thought you should know as it is not normal. Reproducible: Didn't try
The best course of action is to notify Norton about the false positive.
Done. Thanks
Since the firefox.exe binary was seen as a threat, there is nothing the installer can do about this, and the installer itself was not identified as a threat (the typical case) moving this over to general.
Component: Installer → General
QA Contact: installer → general
Nightlies aren't signed, which increases the potential for an executable to be quarantined. I'll ping Symantec on it, but a combination of a nightly plus a beta version of adaptive security sw is probably not a typical usecase.
Hardware: Other → x86
Reporter, are you still seeing this issue with Firefox 3.6.13 or later in safe mode? If not, please close. These links can help you in your testing. http://support.mozilla.com/kb/Safe+Mode http://support.mozilla.com/kb/Managing+profiles You can also try to reproduce in Firefox 4 Beta 8 or later, there are many improvements in the new version, http://www.mozilla.com/en-US/firefox/all-beta.html
Whiteboard: [CLOSEME 2011-1-30]
No reply, INCOMPLETE. Please retest with Firefox 3.6.13 or later and a new profile (http://support.mozilla.com/kb/Managing+profiles). If you continue to see this issue with the newest firefox and a new profile, then please comment on this bug.
Status: UNCONFIRMED → RESOLVED
Closed: 15 years ago
Resolution: --- → INCOMPLETE
Just to add on, this is a known side-effect of using unsigned nightlies. Executables that aren't signed are treated with a higher level of scrutiny by the Norton engine. Because of the behaviour the executable exhibits, it occasionally gets flagged/quarantined. The release cadence of nightlies makes it difficult to keep up-to-date (both from an admin and update pov), and whitelisting firefox.exe based on filename alone would be... bad. Using a nightly build you may see this from time to time, and have to whitelist it manually.
You need to log in before you can comment on or make changes to this bug.