Chrome and Firefox updates

  • 21 September 2013
  • 12 replies

Yesterday, I tried to install some critical Firefox updates.  Webroot immediately detected a threat, so I scanned my computer.  It said if found 2 trojans, plus detected the update installer as a threat.
Today, I was using Chrome and it said my Chrome was outdated and to download a newer version.  Webroot said this was a threat (even tho I said it was OK to install) and this time it just detected the Chrome updater as a threat, but didn't detect any viruses.  Can someone help as to how I can install updated browsers for Firefox & Chrome?  I've never had this happen before.

12 replies

Userlevel 7
Mighty good question... I wonder though why Chrome was so outdated? My own Chrome auto-updates to the point of being truly annoying: my older slow computer goes down to a crawl during Chrome updates. (It isn't the WSA working to check the update...all the CPU power is going to Chrome setup itself... I have checked.)

During these updates of Chrome, WSA has never issued a single complaint. It would be normal for the new Chrome files to enter Monitored status upon install, but I have never received any warnings from WSA about an infected file.

May I ask what settings you use on WSA? Defaults or have you bumped them up all the way to maximum?

Are you allowing Chrome to update itself or were you using a 3rd party download site?
Not all defaults are on maximum.  Basic internet security and strong behavior and cloud heuristics.  I looked at my protected applications and internet explorer, firefox and chrome are all showing "protected".  I am a new Chrome user and tried to install updates because a popup from Chrome said it was outdated and that's when I tried to download the updates when the threat notice came up.  I'm not real computer literate.  

I tried updating Firefox because of something I read on Kim Komando's email about critical Firefox updates.  I don't know if those normally update themselves.  
Userlevel 7
Thank you for the reply!  I am not quite sure what to think, as I have not had that reaction from Chrome updates.  I hope some others chime in on here to help shed some light, but you might also want to Submit a Trouble Ticket.  If there is something a bit strange, or if it was a false positive for some reason, the Support techs can probably help find what really happened on that.
I am not sure if FireFox autoupdates or not.. I do not usually use that browser.
Userlevel 7
Badge +56
Hello Thorkim1954 and Welcome to the Webroot Community Forums.

The latest Firefox is 24.0 all you need to do with both is use the internal updater in Firefox Click Help>Click About Firefox>Check for Updates. But please Submit a support ticket as David asked to make sure your system is clean. ;)


I submitted a ticket as suggested.  I did finally get Chrome to update with no problems.  In my ticket, I mentioned the Firefox situation.  Thank you all for your replies, I appreciate it.  I will await to hear back on my ticket.  
Userlevel 7
Badge +56
Great please let us know the outcome!
Userlevel 7
As a rule, don't trust messages that pop up claiming that your browser or flash or java need to be updated. This is a common tactic of malware authors who spread their malware via malicious ads. Firefox and Chrome have both moved to automatic updates, so you should never see such alerts from Mozilla or Google anymore. Odds are, any alert popping up over the top of something you're trying to do online that says you need to update Firefox or Chrome is most likely not a legitimate alert.

Kim Komando is a legitimate source though, so as long as you're sure the email is actually from her, whatever she sent is probably ok. It looks like this case is with one of our threat researchers, and he's investigating. I'll be curious to know the results.

What TripleHelix said is correct though. Updating Firefox via that method should work fine, and that's the only method you should ever need to use.
Aw, ok, I now don't think the Chrome update was from Chrome.  I sucessfully got the upgrade/update installed yesterday (which I did through help on Chrome) and no problems from Webroot.  So I believe this was not legit, so Webroot was correct in quarantining this.
I also updated the Firefox updates just now, per the suggestion given from TripleHelix, for which thanks.
 My only other concern is one thing Webroot quarantined with the rest of this stuff was this: ie 9 windows vista X86-enu-exe.  usually use internet explorer as my browser, but had seen that all versions of explorer had some kind of problem that windows was trying to fix, some patch they were working on to correct this.  Is this thing Webroot quarantined possibly the fix for internet explorer and should I restore this?  I think everything has been resolved.  So much thanks to everyone here, much appreciated.
Userlevel 7
For similar reasons as for what I mentioned about browsers, when it comes to Windows Updates, you should only use the official Windows Update channel unless directed otherwise by a professional.
Start > Control Panel > Windows Update should take you to a screen that will tell you whether or not you need to update Windows.  It should look something like this:

If it says that you need to download and apply updates, you can do that through this screen itself.  Windows can also be configured to automatically download and apply updates through this screen, which is the preferable option for most people.
If Webroot quarantined a file that originated through this update method, we definitely want to know about it, because that would almost certainly be a false positive.  However, if Windows Updates says you're already up to date or allows you to get up to date by following prompts on this screen, I'd trust that Webroot found a threat in quarantining the file you had mentioned before.  The threat researcher working the case can provide additional detail once he's finished looking at the logs he had requested as well.
Interesting side note: The name of a file is usually not very helpful in determining whether or not it's an infection most of the time.  A file can always be renamed in order to hide its true nature and trick people into running it if it's malicious.  However, since it has "Vista" in the title in this case, it does kind of beg the question, are you running Windows Vista?  If not, I'd treat that as a red flag on this file and avoid running it.  If however you are running Vista and if Windows Update tells you that you're not up to date and it just can't seem to update using that screen, we may be looking at a false positive, which the Threat Researcher can confirm through the support case.
Userlevel 7
Badge +56
Or you open Internet Explorer then at the top click Tools and Click on Windows Update! That's what I do for Windows 8 less clicking not sure about Windows 8.1 as it could of changed and you can always do it Jim's way on Windows 8 also.

I have just optional updates, which are not important to me, and I have no notices for important updates available.  Am aware how to check for these updates through the screenshot you provided me.  And yes, I am running windows vista.  
Userlevel 7
I would guess that the update that was blocked was an ad-supported installer (probably optium installer). Always get updates either using the programs auto-updater (Flash/Java/Adobe all have them) or directly from the creaters website.