Avast install a certificate at Firefox pront master password

Hello Everybody

Since the last update from Avast everytime that launch Firefox it ask me to introduce the master password at starup. I have been investigating and looks the cause is the certificate “C:\ProgramData\AVAST Software\Avast\wscert.der”, erasing it from the registry it solves the problem but when you restart Avast reinstall the entry, so you have again the annoying problem.

Is any way to solve the matter?

Best regards

Hello,
it’s a firefox bug
https://forum.avast.com/index.php?topic=226462.msg1501396#msg1501396

Thank you Chris and sorry, I didn´t found that this matter was alredy posted. :-[

Following the links indicates that this bug is reported in bugzilla, this is not necesary mean that is a Firefox´s error, only that is reported. In other forums indicates that is Avast fault, in any way doesn´t matter whose error is, we have to wait for a solution. :frowning: :frowning:

Thank again Chris

It’s definitely a firefox bug, and if you follow the link on bugzilla I posted it says: “RESOLVED FIXED in Firefox 67”, it’s proof that it’s not avast’s fault and so to answer your question, the solution will come when updating firefox 67 or if you don’t want to wait … by downloading the beta of this version
It’s easy to say that it’s avast’s fault because the problem is only present for those who have avast, but in fact it’s the opposite: the antivirus security has detected that firefox has touched something that shouldn’t have been in the certificates.
Indeed you may not encounter this problem with a sieve antivirus, but it will also mean that it does not do its job well on certificate management.Avast does it not through his own fault. :wink:

Please, don´t be angry Chris,

I´ve tried in Firefox side and I´ve tried in Avast side, each of them say the fault is in the other side and the user is in the middle of it, nothing more.

Update Firefox to the latest release and your problem will be fixed.
Firefox messed up and Firefox has fixed the problem .

I’m not angry, it’s just that when firefox admits its own problem (still on the link given on May 1st), I don’t see why we’re crushing our minds to look for another culprit. ???
You’ve tried in Firefox side and they said you it’s avast fault ?
it wasn’t supposed to be the answer of one of their staff.
As bob says, it’s solved now with the firefox update, which removes any doubts you may still have about what was said a week ago.

Related to be fix by Mozilla with new v67 version

For the record, it’s not fixed in FF ESR 60.7 for me (despite being marked as fixed by Mozilla).

@chris… do you have any evidence for this? It is not mentioned in the Fx 67.0 release notes and the bug fix is actually targeted at Fx 68 (see the bug you quoted on May 1st).

Mozilla messed up nothing. Avast abused the policies mechanism to crowbar its certificate into Firefox (see comment #14 in the quoted bug).