Hi stevemoss, you are right to be suspicious, that fake patch is malware. This is not how Firefox updates itself. Mozilla also does not use bizarre unfamiliar server names.

These malware distribution sites seem to be using coded links that can't be viewed by support volunteers (we get a blank page).

Can you figure out from your history which site that tab might have launched from? One theory is that it comes from a bad ad in a page but it would be helpful to "name names" (or paste links) to the sites that are causing it.

And if you have never installed any add-ons to block ads, you might want to consider one. These are popular (Note: you would only want to use one at a time):

• https://addons.mozilla.org/firefox/addon/adblock-plus/
• https://addons.mozilla.org/firefox/addon/ublock-origin/

Separate issue, I think:

Next to your question, in the Question Details section, the More System Details link indicates that you have a very old Flash plugin (version 16). I'm surprised that hasn't been disabled yet, and I suggest updating ASAP. The main page to download a new installer is:

https://get.adobe.com/flashplayer/

If you do not want the current Flash 22 release, you can use the Extended Support Release of Flash 18 from the following page (about 2/3 of the way down):

https://www.adobe.com/products/flashplayer/distribution3.html