Firefox is Vulnerable to Logjam, here is how to make it Safe. At present, only Internet Explorer 11 is safe against logjam attack (for a surprise! Microsoft patched their browser sooner than others), other browsers like Chrome, Firefox, Safari and others are vulnerable. Google and Mozilla going to fix this soon with future releases, but you don’t need to wait till then for Mozilla’s Firefox browser.

Note: Seems Windows Chrome dev and Canary channels are already protected against this.

READ: Firefox Tops in Vulnerability List, Safari Follows it

Fix logjam in Firefox browser

Securing Firefox browser against Logjam

1 . Visit about:config

2. Search for ‘ssl3’ and disable DHE_EXPORT ciphers by setting below preferences values to false.

  • security.ssl3.dhe_rsa_aes_128_sha
  • security.ssl3.dhe_rsa_aes_256_sha

3. Restart the browser, visit https://weakdh.org/ site, which should show the message ‘Good news! Your browser is safe against the logjam attack’.

If you’ve found difficult to to change about:config preferences, install Disable DHE add-on.

We’re expecting Mozilla to ship Firefox 39 final by disabling the above preferences.