This is definitely going to be fun (NOT) for Firefox users. I don’t know about 80% of existing add-ons not being compatible with the new WebExtensions API, only one of my add-ons is compatible with the new WebExtensions API.

I too can also see this as a potentially massive exit for many firefox users as the add-ons were a very big draw. As we get closer to the date and Mozilla see if developers have converted to the new WebExtensions I wonder if this too will be pushed back.

In the past when Mozilla insisted on signed add-ons and that deadline kept getting pushed back as progress from developers was poor.

Hi Dave, the good thing is, that with FF ESR we’re good to go until July 2018.

Yes, but isn’t a little earlier than that it also drops support for XP OS.

Looks like I will probably be dropping back to the ESR build on my other two systems until this mess is sorted out.

1. Nope, the 52.x branch of FF ESR will still be supported for XP/Vista.
2. If so, consider: https://www.ghacks.net/2017/08/02/you-cannot-downgrade-firefox-55-profiles/

2. I’m assuming a clean install of the ESR version, not using an existing profile would work; I had seen this not using FF55 profile in earlier versions.

Yep, should work. Cheers.

Wonder if ESR is really getting everything (security wise).
https://www.komando.com/happening-now/413693/update-firefox-now-critical-security-flaws-leave-you-vulnerable-to-hacks

Sure, see: https://www.mozilla.org/en-US/security/advisories/

Plenty of Phishing
https://blog.avast.com/plenty-of-phishing

unCaptcha: A Low-Resource Defeat of reCaptcha’s Audio Challenge
http://uncaptcha.cs.umd.edu/papers/uncaptcha_woot17.pdf

Shattered Trust: When Replacement Smartphone Components Attack
https://www.usenix.org/system/files/conference/woot17/woot17-paper-shwartz.pdf

Get Rich or Die Trying: A Case Study on the Real Identity behind a Wave of Cyber Attacks on Energy, Mining and Infrastructure Companies
https://blog.checkpoint.com/2017/08/15/get-rich-die-trying-case-study-real-identity-behind-wave-cyberattacks-energy-mining-infrastructure-companies/

Busting Myths in Foxit Reader
https://www.thezdi.com/blog/2017/8/17/busting-myths-in-foxit-reader

ShadowPad in corporate networks
https://securelist.com/shadowpad-in-corporate-networks/81432/
https://cdn.securelist.com/files/2017/08/ShadowPad_technical_description_PDF.pdf

Ransomware Targeting WordPress – An Emerging Threat
https://www.wordfence.com/blog/2017/08/ransomware-wordpress/

Veracode Survey Research Identifies Cybersecurity Skills Gap Causes and Cures
https://www.veracode.com/blog/security-news/veracode-survey-research-identifies-cybersecurity-skills-gap-causes-and-cures

SyncCrypt Ransomware Hides Inside JPG Files, Appends .KK Extension
https://www.bleepingcomputer.com/news/security/synccrypt-ransomware-hides-inside-jpg-files-appends-kk-extension/

Have you reported this to Avast ???

Hi Bob, no, Avast/AVG already detects it, see: https://www.virustotal.com/#/file/877488d8f43548c6e3016abd33e2d593a44d450f1910084733b3f369cbdcae85/detection

Thanks, good to know. I asked since the article stated that only one AV detected it and it wasn’t Avast.
Things change very quickly in this business.