Security risk - "Thunderbird detected a potential security threat"
I opened Thunderbird this morning and there were no issues. Closed it and just now reopened and I'm getting this message: Thunderbird detected a potential security threat and did not continue to live.thunderbird.net. If you visit this site, attackers could try to steal information like your passwords, emails, or credit card details.
It downloaded 28 emails but will not let me see/access them.
Can anyone help? Thanks, Linda
Modified
Chosen solution
I have Microsoft Defender, and automatic updates. That error has gone away and now I just have messages with images that don't load and eventually will get random Authentication Errors. I am having other issues with my PC and even though it has been scanned by multiple anti-virus and anti-malware programs (by professionals), I suspect either a buried malware or a corrup OS somehow (Windows 10 Pro). Very frustrating!
Read this answer in context 👍 0All Replies (13)
You probably need to update your antivirus product. That is usually the issue when these spurious errors start appearing.
Seçilmiş Həll
I have Microsoft Defender, and automatic updates. That error has gone away and now I just have messages with images that don't load and eventually will get random Authentication Errors. I am having other issues with my PC and even though it has been scanned by multiple anti-virus and anti-malware programs (by professionals), I suspect either a buried malware or a corrup OS somehow (Windows 10 Pro). Very frustrating!
I don't know if we can do much, but perhaps upload the troubleshooting information and see if anyone can offer more insight.
Could you please do the following?
- Open the menu > Help > Troubleshooting Information, then click Copy text to Clipboard.
- Go to https://pastebin.mozilla.org/, paste the clipboard by right clicking in the large text area, select paste from the menu, change the retention period to expire in 28 days, use the Paste Snippet button to create a page containing your info, then copy the resulting URL (address) of the page created.
- Open a reply to this post, and paste the URL to your troubleshooting information you just copied.
- Please also provide results for the following test on your system. Again it may provide an insight if we have access to if it happens in safe mode for instance. Authentication errors are best supported with Verbatim details of the error. Only that way can anyone do more than guess as to the issues.
- Does Thunderbird work as expected in Thunderbird troubleshooting mode?
- Does Thunderbird work as expected with your OS started in safe mode with Networking. Instructions for each operating system: Windows 10/11, Windows 8, Windows 7, OSX
I ended up taking my PC to a shop and the owner eventually found that a Microsoft Shell program was triggering the manual proxy server settings on startup. He renamed the program and now my PC AND Thunderbird are operating normally. He couldn't find the origin of the setting in the shell program though.
Thank you for your help!
https://pastebin.mozilla.org/D5H0zRyX
no good with 'safe with networking' OS Win 10, ( I get 'connection failed') and Tbird troubleshooting mode doesn't want to play . And a re-install of 115.11.1 64x didn't help either, along with shutting down my anti-virus and firewall.
everything was fine this morning, then suddenly not so; weirdly, I can still send emails (update to that - no more sending anything either).
Help?
Modified
sunapeedog said
I ended up taking my PC to a shop and the owner eventually found that a Microsoft Shell program was triggering the manual proxy server settings on startup. He renamed the program and now my PC AND Thunderbird are operating normally. He couldn't find the origin of the setting in the shell program though. Thank you for your help!
I don't suppose you remember the name and path of the offending shell program and are willing to share are you? I have the exact same problem on both my desktop and an old laptop. Both running Windows 10. I noted the problem appeared to start on 04 June 24. I started my laptop in Safety Mode and the Warning Message disappeared when started Thunderbird, but it wasn't retrieving any new inwards mail. I did a system restore on the laptop using a 3 June 24 restore point. This has fixed the problem on the old laptop. So, I concluded the problem lay with a recent Microsoft update. I was intending do the same on my desktop but I don't have a restore point before 4 June 24. If you could advise the Microsoft shell program details it would be much appreciated and I'll try that. Thanks & regards Sosully
Modified
Not sure what's going on with the formatting of my last question/reply.
I don't suppose you remember the name and path of the offending shell program and are willing to share are you?
I have the exact same problem on both my desktop and an old laptop. Both running Windows 10. I noted the problem appeared to start on 04 June 24. I started my laptop in Safety Mode and the Warning Message disappeared when started Thunderbird, but it wasn't retrieving any new inwards mail. I did a system restore on the laptop using a 3 June 24 restore point. This has fixed the problem on the old laptop. So, I concluded the problem lay with a recent Microsoft update.
I was intending do the same on my desktop, but I don't have a restore point before 4 June 24. If you could advise the Microsoft shell program details it would be much appreciated, and I'll try that. Thanks & regards Sosully
Hi - ditto that last message as far as the shell program idenity goes? thanks.
Same for me - this problem kicked off for me two nights ago.
sosully said
Not sure what's going on with the formatting of my last question/reply.
You started the paragraph with a leading space. So line wrap is disabled and the font is a fixed width. It is meant to quoting error codes etc.
Just to be clear, the leading cause of issues with certificates, which is what this topic is really about is anti virus products. For most applications that use the windows certificate store (not Thunderbird or any Mozilla platform based application) then the lower security used by Microsoft allows the application to insert it's own untrusted certificates into the windows certificate store and mark them as trusted.
In the absence of having such automated methods to circumvent the chain of trust on which encrypted communications depend, you have to manually add the certificate to Thunderbird store and mark is as trusted. Each of the antivirus manufactures have their own instructions on their web sites for Thunderbird, if you choose to use them. I uninstalled the antivirus and use defender which has no such issues.
As the original poster mentions the windows proxy service can cause issues. In the first instance you can go to Thunderbird's settings, search for proxy and click on the Settings button that is displayed. Set Thunderbird to use NO proxy. That should be adequate in most cases.
k.flanagan said
https://pastebin.mozilla.org/D5H0zRyX no good with 'safe with networking' OS Win 10, ( I get 'connection failed') and Tbird troubleshooting mode doesn't want to play . And a re-install of 115.11.1 64x didn't help either, along with shutting down my anti-virus and firewall. everything was fine this morning, then suddenly not so; weirdly, I can still send emails (update to that - no more sending anything either). Help?
This will be your issue.
Type: Name Antivirus: Norton 360 Antispyware: Firewall: Norton 360
They are good at issuing false positives and blocking wanted software and especially about not getting out of the way and actually shutting down when you click that handy little button they offer that suggests they will. I have never been able to take a PC with a Norton product installed and install Thunderbird and set up the account without having to disable huge swathes of the invasive product. It has something called sonar that I always find myself disabling and I really have no idea what it is, and it's description does not mention email but it is trouble for me setting up accounts. It's firewall is inclined to block each point release of Thunderbird, just to be sure it is not "unknown" and a threat. Usually about a week after the release it get a note from home that this new version of Thunderbird is Ok and it just stops blocking it if you do nothing.
I am sure the software contains setting that can stop this unhelpful activities, perhaps even permanently. But I uninstalled by last copy around 20 years ago when Perter Norton sold the company and the Symantec rot set in. My sons were harping about Norton resource stealer, and were somewhat justified. So I have no recent knowledge about actually setting up the product to offer. Perhaps someone at Gen Digital (whose Brands include Brands: Norton; Avast; LifeLock; Avira; AVG; ReputationDefender; CCleaner) can offer instruction on the use and setting up of the Norton products.
Ok - thanks. You're right; after much messing about, I found the Norton setting to disable and suddenly my email is working again. It was 'block malicious scripts' in the anti-virus options. Passing this on to others for them to try.