Mozilla has integrated Google Safe browsing v4 in their browser code and starting from Firefox 48 onwards, the browser protects users against potentially unwanted or uncommon downloads and malicious downloads. The Firefox team has written a detailed post on how Firefox behaves and its download icon alerts users when such downloads are encountered. The security settings have been updated to reflect these changes, which allows users to disable browser from blocking such or showing warnings.
READ: Mozilla Adds Support for the Google’s Unwanted Software Protection in the Firefox browser
Firefox 48 security settings for downloads
When you use new Firefox 48, the new security settings might be difficult to understand. Check the below screenshot or visit Settings > Security to get started.
Coming to download warnings, these two are important
Block dangerous downloads: You shouldn’t be disabling this.
Warn me about unwanted and uncommon software: You can disable this, however, read my opinion before turning off any one or all.
Know this: Google has already implemented these protection features in Chrome browser some time ago, Firefox shows three settings for them, where as Google browser offers one setting under privacy: ‘Protect you and your device from dangerous sites’.
Have you ever heard of someone saying to disable that setting to prevent Chrome from showing warning for some downloads? Most don’t! Some don’t even know that setting exists also for that purpose, thinks it is there to protect from phishing and malware sites. The same also applies to Firefox as well.
Chrome 17 Beta Released with Download Scanning Protection and Omnibox Prerendering
Google Chrome gets New Malware and Phishing Warning Pages
Those settings are in place protect you. You should respond and act accordingly when Firefox warns you against a file downloaded or you’re going to download.
Unless you know the file downloaded came from trusted source, don’t ever open that when the browser warns. There are other ways to check a file is safe without even opening it, just upload and scan on VirusTotal to know the result, it’s possible for a single antivirus to miss a malicious file, not VT, that scans files and websites with multiple antivirus engines.
READ: PSA: Fake Urgent Chrome Update making rounds, do not open Chrome-update.bat file