This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Signed Executables and Dlls Policy

  • No replies
  • 0 have this problem
more options

Hi,

At my work, we use Windows AppLocker to allow only trusted code to be executed. Firefox works great in this environment, but I do have a request.

We were regularly getting notices of untrusted code being attempted from the "%windir%\temp\NS?????.tmp\" folder, which was a mystery to us for a long time. We finally tracked the cause back to "C:\Program Files\Mozilla Firefox\uninstall\helper.exe", which extracts DLLs (e.g. system.dll, shelllink.dll, userinfo.dll and accesscontrol.dll). It's my pleasure to report that the extracted DLLs ARE signed (btw, thank you so much for that!!). However, I had an embarrassingly hard time getting to this point since the code is code only exists temporarily, and I sadly never had the thought that NS might mean Netscape.

Incase there are others in my situation, I was wondering you'd like to prepend the .tmp folder name to include moz- or Mozilla?

I think there may be others in my situation, since our instance that followed the best practice of exempting all DLLs in Program Files from the exclusion policy, and since Firefox keeps all DLLs in Program Files, these were the only Firefox DLLs being checked.

Thank you for 30 years of a great product!

Rob

Hi, At my work, we use Windows AppLocker to allow only trusted code to be executed. Firefox works great in this environment, but I do have a request. We were regularly getting notices of untrusted code being attempted from the "%windir%\temp\NS?????.tmp\" folder, which was a mystery to us for a long time. We finally tracked the cause back to "C:\Program Files\Mozilla Firefox\uninstall\helper.exe", which extracts DLLs (e.g. system.dll, shelllink.dll, userinfo.dll and accesscontrol.dll). It's my pleasure to report that the extracted DLLs ARE signed (btw, thank you so much for that!!). However, I had an embarrassingly hard time getting to this point since the code is code only exists temporarily, and I sadly never had the thought that NS might mean Netscape. Incase there are others in my situation, I was wondering you'd like to prepend the .tmp folder name to include moz- or Mozilla? I think there may be others in my situation, since our instance that followed the best practice of exempting all DLLs in Program Files from the exclusion policy, and since Firefox keeps all DLLs in Program Files, these were the only Firefox DLLs being checked. Thank you for 30 years of a great product! Rob
Attached screenshots

You must log in to your account to reply to posts. Please start a new question, if you do not have an account yet.