Win XP Users: IE Can Be Hazardous to Firefox

Below is part of an article Gareon had posted on Go Firefox!

Although I live in Windows, I avoid Internet Explorer – its the Defensive Computing thing to do. My approach is the same as Steve Gibson’s, we run IE once a month to install Microsoft patches, then ignore it until next month.

Not too long ago, on his Security Now! podcast, Gibson suggested further protection from IE by setting both the Internet and Intranet zones to “High” security levels. What the heck, I figured, an extra bit of safety can’t hurt. But it did hurt, and thus, this blog posting.

The advice isn’t new, of course, but I implemented it sometime early this year.
Unfortunately, I also upgraded my main XP machine to service pack 3 around the same time. Thus, when Firefox acted up, I first suspected the service pack. False lead.

The problem was that Firefox couldn’t download files. Rather than spend time researching it, I just ran Chrome the few times I needed to download a file from a website. Since the solution was so simple, the problem didn’t rate much time or effort. My email program, Thunderbird, had no problem saving attached files, so I made due.

The Problem:

Windows XP users (this problem does not occur with Windows Vista and 7) who have made changes to the default security Zone settings in IE (7 or 8), may find themselves unable to download .EXE files with Firefox. Changing the security settings from Medium-High to High for the Internet Zone within IE will cause Firefox not to download .EXE files. Which version of Firefox you are using determines what your options are for getting around this issue:

  • Firefox 3.5 – create a new about:config entry for browser.download.manager.skipWinSecurityPolicyChecks

    1. In a new tab type about:config and press enter
    2. If you get a warning about voiding the warranty, click I’ll Be Careful, I Promise
    3. In the list right-click anywhere and select New
    4. Select Boolean
    5. A dialog box will pop-up asking for preference name, type browser.download.manager.skipWinSecurityPolicyChecks
    6. In the next dialog box, select TRUE
    7. Close the tab and the changes will take effect immediately
  • Firefox 3.6 – currently the only options for Firefox 3.6 users are to either drop the security level in IE for the Internet Zone back down to Medium-High or to use another browser such as Chrome for downloading .EXE file
  • Firefox 3.7 – create a new about:config entry for browser.download.manager.scanWhenDone

    1. In a new tab type about:config and press enter
    2. If you get a warning about voiding the warranty, click I’ll Be Careful, I Promise
    3. In the list right-click anywhere and select New
    4. Select Boolean
    5. A dialog box will pop-up asking for preference name, type browser.download.manager.scanWhenDone
    6. In the next dialog box, select FALSE
    7. Close the tab and the changes will take effect immediately


Source: Computerworld Blogs

2 Comments on Win XP Users: IE Can Be Hazardous to Firefox

  1. Why was the 3.5 pref taken out?

  2. Here is the solution when using Firefox 3.6:
    After changing the security settings to High for the Internet Zone within IE, click the Custom level… button. Find the Miscellaneous option: Launching applications and unsafe files. Change setting from Disable to Prompt (Recommended).

2 Trackbacks & Pingbacks

  1. Reflections » Win XP Users: IE Can Be Hazardous to Firefox [repost]
  2. Win XP Users: IE Can Be Hazardous to Firefox [repost] « Reflectionsitivities

Comments are closed.