Librewolf's Windows updater is malware?!

I was updating Librewolf manually on Windows and i found that Librewolf’s updater and i scanned it using Virustotal and the results were a shock to me as 5 antivirus companies flagged it as a malware, Could anyone explain?

1 Like

First off what is in that link?

5 antiviruses are presumably trash and need to update their lists.


Just use Mullvad browser instead…

when are windows user going to catch a break?

Antiviruses are garbage, this is a pretty normal result for a fresh and unknown binary. The only way to get lower is to sign your binaries.


I looked at this again, now only 4 vendors (from 5) flag it as malware.

Its not that the others are crap, its just that their virus signatures are overtly aggressive and gives a false positive. As @Stiffly2505 puts it the binaries are not signed (you may get the signing keys from MSFT :rofl: I dont know what they would want).

You were not the first one that submitted this particular file @L_ishere670 . Someone beat you a whole day before.

There were the IP addresses that were contacted by the updater (according to the VT details) and the first 3 in the list were flagged and was associated with certain malwares. It could be something or nothing all together.

1 Like

you may get the signing keys from MSFT :rofl: I dont know what they would want

Incorrect, you can just buy a code signing certificate from any trusted partner: List of Participants - Microsoft Trusted Root Program | Microsoft Learn

its not even that expensive, about 150 USD/year for the cheap ones. And Certum has an even cheaper OSS one, too bad they suck as a CA.


Correct me if I am wrong, but to me it seems that antiviruses themselves are the malware. If you are using Windows or Apple’s OSs they come with antiviruses by default. Also, you have 5 of them!?

He doesn’t have 5 antivirus installed, he’s using