Firefox 100 on Windows 7 requires the KB4474419 update

erpster4

Member
Guru
Local time
7:03 PM
Messages
507

My Computer My Computer

At a glance

Windows 7 SP1 Home Premium 64bit [x64]Intel(R) Core(TM) i5-2310 CPU @ 2.90GHz6 GBIntel HD Graphics 2000
Computer type
PC/Desktop
Computer Manufacturer/Model Number
Dell Inspiron 620
OS
Windows 7 SP1 Home Premium 64bit [x64]
CPU
Intel(R) Core(TM) i5-2310 CPU @ 2.90GHz
Memory
6 GB
Graphics Card(s)
Intel HD Graphics 2000
Sound Card
Conexant CX20641 HD Audio
Hard Drives
Western Digital 1TB (1024GB) WD10EALX-759BA1
Internet Speed
Spectrum Cable Internet up to 100Mbps
Hopefully, no one will try to install Mozilla Firefox 100 immediately after doing a clean install of Windows 7 SP1 and not installing any updates for it yet.
:rolleyes:
 

My Computer My Computer

At a glance

Windows 7 Professional SP1 64-bitIntel Core i7-4790 3.60 GHz32 GB DDR3-1600 MHzIntegrated Intel HD Graphics 4600
Computer type
PC/Desktop
Computer Manufacturer/Model Number
Dell OptiPlex 9020
OS
Windows 7 Professional SP1 64-bit
CPU
Intel Core i7-4790 3.60 GHz
Memory
32 GB DDR3-1600 MHz
Graphics Card(s)
Integrated Intel HD Graphics 4600
Monitor(s) Displays
Viewsonic 32" LCD
Hard Drives
Kingston SATA 3 240 GB SSD
Internet Speed
Spectrum Internet 1000 Mbps
Absent of that, portable Firefox would work if for some reason some user doesn't want the update that allows SHA256 hash code signing.

For those that don't know. SHA256 (pronounced shaw 256) is a cryptographic hash of data. This hash is a long sting of 64 hexadecimal (A-F - 0-9 ) characters. These unique characters can identify data and ONLY that data. So, if you compute a SHA256 hash for a file using something like HashTools, that file in its current form will have a unique hash to it and none other. If only one stickin' bit of data is changed, the whole damn hash value changes. This is why VirusTotal uses SHA256 and so does cryptocurrency like Bitcoin et al. If you could crack SHA256, you just become a multi billionaire in the cryptocurrency department to say the least...

Since SHA256 creates such a unique string of characters, using it for code signing installers means it has verification purposes in an effort to thwart a forgery.

Your IoT (Internet of Things) devices like a smart speaker, wireless camera, fridge, etc or perhaps even your router firmware updates? They all seldom lack code signing which means a hacker can replace the firmware at will and take control... Now all these devices can be controlled for various purposes. One is for massive DDoS (Distributed Denial of Service) purposes. Hacked routers means a hacker can use your router as a stepping stone so there's no trace back to them.

It'll take an act of congress to make sure these things have code signing as a legal requirement among some other basic, non over reaching approaches that need to be law. I'd consult a consortium of IT and white hack, ethical hackers...

SIdenote: There's also SHA512. Guess how many characters in this string? If you said 128 you are correct.

Further reading:

Whirlpool (hash function) - Wikipedia

bcrypt - Wikipedia

Argon2 - Wikipedia

hash - Best practice for hashing passwords - SHA256 or SHA512? - Stack Overflow
 

My Computer My Computer

At a glance

Windows 7 Ultimate x64
Computer type
PC/Desktop
OS
Windows 7 Ultimate x64
Back
Top