Mozilla Security

Whether you’re using the Web or checking your email, you care about your security and privacy. At Mozilla we understand the importance of security. Here you will find alerts and announcements on security and privacy issues, general tips for surfing the Web and using email more securely, more information about how we maintain and enhance the security of our products, and useful links for developers.

The latest security updates will be delivered to most users automatically. Users who have turned off automatic updates can use the "Check for Updates..." item on the Help menu. If the menu item is disabled your account does not have sufficient privileges to update Firefox--contact the person who installed Firefox on your machine. Additional help is also available through our Community Support site.

Tips for Secure Browsing

  • Always use the most current version of your browser.
  • Check for the "lock" icon on the status bar that shows that you are on a secured web site. Also check that the URL begins with "https" in the location bar when making transactions online.
  • In the Tools menu of Firefox, Tools > Options... > Privacy, you can clear your information with one click of a button. This is especially useful when using a computer in a public location.
  • Perform transactions (like shopping or submitting personal information) at sites that are well established and that are familiar to you. If you're not familiar with a site, make sure that the site has a privacy policy and information about the site's security measures.

Tips for Using Email Securely

  • Be aware that it is extremely easy for someone to forge an email message to make it appear as if the message has been sent by your bank, a software vendor (e.g., Microsoft), or another entity with whom you do business. If a message requests that you send your password or other private information, or asks that you run or install an attached file, then it is very likely that the message is not legitimate. When in doubt, just mark the message as "junk" and delete it.
  • Be cautious when clicking on links sent to you in email messages. If you do click on such a link, double-check the name of the site as shown in the location bar of the browser, and be especially careful if the site name displayed is an IP address (e.g., "192.168.25.75") instead of a domain name (e.g., "www.example.com"); in the former case it is very likely the site is not legitimate. Don't enter any personal information into forms displayed at such a site, and if you have any concerns whatsoever about your security, just close the browser window.

For Developers: Contacting Mozilla

Report security-related bugs and learn more about how we secure our products:

  • If you believe that you've found a Mozilla-related security vulnerability, please report it by sending email to the address security@mozilla.org. Note that your report may be eligible for a reward; see below.
  • For more information on how to report security vulnerabilities and how the Mozilla community will respond to such reports, see our policy for handling security bugs.
  • We want to make Mozilla products and sites as secure as possible, and wish to encourage research, study, timely disclosure, and rapid fixing of any serious security vulnerabilities. We've established a Security Bug Bounty Program to reward people who help us reach that objective.
  • Mozilla-based products include a default list of CA certificates used when connecting to SSL-enabled servers and in other contexts. If you are a CA and would like your CA certificate(s) considered for inclusion in Mozilla, please see the Mozilla CA certificate policy.

Press Contact: send mail to press at mozilla dot com.

The PGP key for security@mozilla.org below can be used to send encrypted mail or to verify responses received from that address. We transitioned keys in October 2020. Please see our signed transition statement for confirmation.

-----BEGIN PGP PUBLIC KEY BLOCK-----
Comment: GPGTools - https://gpgtools.org

mQINBF+Ix+sBEADohu7Z5JrUiu+JYVSMwRheksrnxfgOH2p7194I3TI8G2GRsH81
wXgsTPAkJ7eRyR8U0tou1QdtB+NQ4j+ocbsaaCQfZO6Q5iy0mDHZ1NEiAe7eIVNN
fi8cRa4QHQBxafvQP8Ogf7liN3vophx1Dnn+KJDAjldCLnMQBPFaOJNeU1QcHxT0
5Ot7MJwvUrWYnY9siPGY94z6oZrbwkhDK9LUliSFZc4qsmMCCefYyY2myexZkwOD
jBOInLxWF6NuRXyjgWDfMFJ1ePQIwdu//LqN2jpf4glgq3LjW7n6lpjao8DstWWk
5QIDDM8pMy/lkZBBxh4jXivtdPSoy/WrJH5dX6LpP1yZaMV+27YfUnxnjB2aGoOY
SecdPz7SaERq6zL+TqDK1t3TvpX/bmei5lxevwHsYMjNS/jld4pIZVtiLbQaqVy2
iyCdeuVT+lKw5ummQGVmI6Ey+1plPt4833hi3Gc4u/GHN1+FtpOz6HafpG4+UErP
D0Qh5SKmTV2Q+mwcIvaU2wLpVYlmahnJmBZJ3jMpUqsyNcY97PcN7kQc/DlB+gIg
ZvwAnYYRt2c7toax6AjUYyFRLAbKpkWxf/SmMbPpnR7t0UufK3il/M7fkBLFtZT2
UouF52M8YjxvlIWrk76EbN5468tH2HDCtNMmTveNUR7wk+4Zj0SzdXh1wwARAQAB
tCdNb3ppbGxhIFNlY3VyaXR5IDxzZWN1cml0eUBtb3ppbGxhLm9yZz6JAlQEEwEK
AD4WIQQmGcxz1EzNrVuWZVs7uUBc7Ib3FwUCX4jH6wIbAwUJB4YfgAULCQgHAwUV
CgkICwUWAgMBAAIeAQIXgAAKCRA7uUBc7Ib3F4kuD/9Lo4peVPBNe3FWC8wh2L5s
F8dhQtCAbaAsLpiM6nuLdhvnv9xW0ZqZpnOPOGIfr1KlmVAKNmx0dfiSzQhiPdy3
o4T4V6nSJeJZFnDqOJtLhZKEGaSuowrMTxAvaD/lfj+piz8RDeapjJMXYPxywbUh
kNyejenONnJmL44CrJKkq4V0YoqrC8QAdGXHre6GAYx2JVkB8guRaWsLEi5cXD48
JkNqifq4VI3hyiURdt0gNM/4bcCunU1Qm8w/8IeQKmyUAKKYwSr6lhGmCgtvY/+D
FHwgXM+hUjOge56P2rzNjbPLdyoUCzvr3QN+3X0TD+z5B31zEuZB3UFlyW25Klwr
CxbOmoLQZEh3VeM/wlyt2OIY7DJ3H50SIocCOcCzyeoWFnxVuaVvZbcsi6wbCxDw
GX+0cxDePSP6ij0ZLeIMWZpC5Hncd3xk9yotMl4wCJe7aFQ0iqX7H3Z/T8z4YVv4
qmH98Vl4SskvZt0M5AkNEmv99CqJqqEa7yx9xjahYewk0E8EJP4eApS5mMxRZTYR
5GzODlj2mwWXtFfetMXjFhwJkLY0DYLKu2HC00Y/e2Hq9eiR1MBO1FsjbNB0QRIn
BFcJJjvXuv7uQGdk3806lgRvfFShZTdXA6WzxUUw6RxujM8vuhN5BPoJmUehA1/m
Lt7HcRKISsUKyfvhLLQrlrkCDQRfiMfrARAA3X0efW7fjp9v5rh3KH8eadTolj//
ADZub7UxJoC643G6gObpFO5141RIDin5Dbyet6OGsyuR7JitXaUtE9uREMTTbJpv
8YbCPJsFMG7LdfBcrwTzAIphtdnbH94nEzQD6b2DO+Klgb468R8nPUzZVTRbONnt
7ghM/1nLbH8nnv6ywM6NflznExB+FXarmF/0LhQrdFURs0w6gbnEoCTyQblf8Hqs
RxeVTxfBrLiZMOu/ohHlWF41biRFwrEuiaVXNFR5W+kkoYfC33JYSr1R+UGXMAFr
yiE2utB5pvDKmPhHQ8TZJXULTVeH1VQWeRpDqNvxu5wrQ8bsDSo8pzMs/IP0vugj
x+cnGRfOqjhtv2NGR0XdnjuJal00BtaFUVyTTVuZiYv1J85v2fBZ8o5QUG/c20yM
ciVk7N7vp6fYI0cq2bQh65pWmX2W8GKey5U2RtFGGCXDqQk2N63ftmrHhQXVyjjQ
rjfg3hVrdus4JcRjex/bCXj09yl4h2k2HwK7jAd0c5q5Pw398Hkam8PUdIzH0M93
F6oElOAb8xpyfN9KKHkKOIQliU+lWlDT/XVHgOgK5jKsnaSfsqSaf+uJrjoG4nvD
EzQXGXcjsO82wc5OiFz2B1mSVyF5BGK4GV1vyrp5Lz9cJtx/OQU/YI7U46FQzV+9
BeElupujPnE/yfcAEQEAAYkCPAQYAQoAJhYhBCYZzHPUTM2tW5ZlWzu5QFzshvcX
BQJfiMfrAhsMBQkHhh+AAAoJEDu5QFzshvcXNjUP/jfjRRnM2d+Wc5T2DCvk32Pf
xdpOBXzIJJnz+DJdKvsia7aGjHt4EZlwByE5QOzHVn2+4LovCNM4TYTZL7tx08rF
ewokSkn4v3d7HEy5Iaz+sU88WqHUPEGYJKqeVYfZvGVqWD/zgQp06KSrdS6YcBG6
tn9lv1J/HNVp9CclWETAcszQLYuqOibylkXbCNdGBOBriofqy21gafwtjay6cQZU
UyvConM758j+dKTGP7mb5ix0Ft7i1slcyyEdW3Qs2A5rZuZkoWP86BMHfykYQ3K4
VoLarieueGB/ovHce1ruZlBNLCLKscbnAqxfYR60J/5jotKG0yCge/CydDIZuyAt
iFWkNRyDBaPU8/uYJeBEYadOaXx6S3jU7l9qAgy+ftyna1oykhWYr0VVV8lP50Gt
lkjchdGT6yEhzi4kVbhg9gVIq9R1IqtDqMRP/O1Re69XsWdygJkzZ8G0BQ4FPuTE
I/sQwgDWUzi8oAMrtW/IVgkOXakIjUvPkY1bwhvROJ8aUyMyFaWI5f0EWGVZojjg
FB2QjVH9/OGqrhCw+CJ/QmRIUMS3wjjZXCk3mGtMeg/W3x9ZDUq9fmG9s8OfemOH
Ap+vn6KtXrPx8S0B+1Gh9OWQ6aRlZyX2lLkbZhGNyU6hYDaxSI/nEWO9puPmro2d
YK7uXrIOwQv3IT56MPst
=0S0j
-----END PGP PUBLIC KEY BLOCK-----