Where did you install Firefox from? Help Mozilla uncover 3rd party websites that offer problematic Firefox installation by taking part in our campaign. There will be swag, and you'll be featured in our blog if you manage to report at least 10 valid reports!

Avatar for Username

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

This thread was archived. Please ask a new question if you need help.

Firefox Installer.exe Different SHA256 depending on wich web-browser/search engine you downloaded from?

  • 1 reply
  • 1 has this problem
  • 8 views
  • Last reply by cor-el

ee11
ee11
more options

Hi! So it seems that I get different SHA256sums depending on which browser I use and depending on what search engine I used to download the Firefox Installer.exe.

Using Edge on Windows 10, from google.se https://www.mozilla.org/sv-SE/firefox/new/ Gets the installer from: cdn.stubdownloader.services.mozilla.com, SHA256sum not listed here: https://releases.mozilla.org/pub/firefox/releases/84.0.2/

Using Firefox 84.0.2 (64-bit), from startpage.com https://www.mozilla.org/sv-SE/firefox/new/ Gets the installer from: https://download-installer.cdn.mozilla.net, SHA256sum not listed here: https://releases.mozilla.org/pub/firefox/releases/84.0.2/

Using Firefox 84.0.2 (64-bit), copy paste URL directly into browser: https://www.mozilla.org/sv-SE/firefox/new/ Gets the installer from: https://download-installer.cdn.mozilla.net Which then gets a SHA256sum match on https://releases.mozilla.org/pub/firefox/releases/84.0.2/

Is this something I need to be worried about? Is the Firefox Installer.exe just embedding some tracker from where it gets downloaded? Right clicking on the .exe -> Properties -> Digital Signature -> Highlight signature- > information says the signature is OK. Which means the Firefox installation should be OK, I guess?

Any information on this would be greatly appreciated!

Hi! So it seems that I get different SHA256sums depending on which browser I use and depending on what search engine I used to download the Firefox Installer.exe. Using Edge on Windows 10, from google.se https://www.mozilla.org/sv-SE/firefox/new/ Gets the installer from: cdn.stubdownloader.services.mozilla.com, SHA256sum not listed here: https://releases.mozilla.org/pub/firefox/releases/84.0.2/ Using Firefox 84.0.2 (64-bit), from startpage.com https://www.mozilla.org/sv-SE/firefox/new/ Gets the installer from: https://download-installer.cdn.mozilla.net, SHA256sum not listed here: https://releases.mozilla.org/pub/firefox/releases/84.0.2/ Using Firefox 84.0.2 (64-bit), copy paste URL directly into browser: https://www.mozilla.org/sv-SE/firefox/new/ Gets the installer from: https://download-installer.cdn.mozilla.net Which then gets a SHA256sum match on https://releases.mozilla.org/pub/firefox/releases/84.0.2/ Is this something I need to be worried about? Is the Firefox Installer.exe just embedding some tracker from where it gets downloaded? Right clicking on the .exe -> Properties -> Digital Signature -> Highlight signature- > information says the signature is OK. Which means the Firefox installation should be OK, I guess? Any information on this would be greatly appreciated!
Attached screenshots

All Replies (1)

cor-el
cor-el
  • Moderator
  • Top 10 Contributor
more options

the first link you posted look like the small stub installer that downloads its files from internet and this file doesn't have a SHA256SUM.

Files downloaded from the CDN server have their SHA256SUMS file in their main release folder that have all sums in one file.

You will find the same SHA256SUMS file here.

  • aba450101367bcf3d0524a9c786f4a1477a748fcfb7e09252946c0b278e795a8 win64/sv-SE/Firefox Setup 84.0.2.exe