Posts: 720 +694
You would think that a company whose main product is a browser would know a thing or two about security certificates. But yesterday, Firefox users with any add-on installed found their beloved browser had reverted to its 'vanilla' form, as an expired security certificate meant all add-ons couldn't be verified and thus were disabled.
Confused users headed to the Firefox subreddit and Mozilla's own 'bugzilla' forums where confirmation was given of the problem. It transpired that an intermediate signing certificate had expired, which is pivotal to the verification process for extensions and add-ons. In a statement to Engadget, Mozilla's Product Lead, Kev Needham, said "we know what the issue is and are working hard to restore add-on functionality to Firefox as soon as possible."
This is particularly embarassing for Mozilla, not least because it's not the first time this has happened. The same thing happened about three years ago but apparently Mozilla didn't learn from their mistake. Certificates such as this are pretty straightforward to renew, so it's a terrible oversight on their part.
To their credit nonetheless, they have leapt into action to tried and resolve the situation immediately. Mozilla have been updating their customers via their Twitter, and Saturday morning confirmed they had identified the problem and gave assurances that a hotfix was about to be deployed. As of writing, the behind-the-scenes hotfix should be working so no updates will be needed on users' side.