detection icon

Short bio

PUM.Optional.FireFoxSecurityOverride is Malwarebytes’ detection name for several potentially unwanted modifications (PUMs)in user.js, a Firefox browser configuration file, where the Safe Browsing feature is disabled or the viewing of mixed contentis enabled in Firefox. As a result, users are made vulnerable to sites that may harbor insecure or potentially malicious content.

System modifications

The following strings are modified in user.js:From:user_pref("browser.safebrowsing.enabled", true);To:

user_pref("browser.safebrowsing.enabled", false);
From:user_pref("browser.safebrowsing.malware.enabled", true);To:
user_pref("browser.safebrowsing.malware.enabled", false);
From:user_pref("browser.safebrowsing.downloads.enabled", true);To:
user_pref("browser.safebrowsing.downloads.enabled", false);
From:user_pref("security.mixed_content.block_active_content", true);To:
user_pref("security.mixed_content.block_active_content", false);


Malwarebytes automatically sets the values of the modified strings in user.jsto “true” to stop triggering the detection of PUM.Optional.FireFoxSecurityOverride.

Add an exclusion

When a Potentially Unwanted Modification (PUM)is detected on your computer, Malwarebytes for Windowsdoes not know whether it was authorized. Optimization software, malware, and Potentially Unwanted Programs (PUPs) are known to make these types of changes, hence they are regarded as potentially unwanted by design.To have Malwarebytes for Windowsignore a PUM, you must add the PUM to the Allow list. Here’s how to do it.

  1. When a PUM appears in the list of Scan results.
    PUM detected
  2. Uncheck the entry or entries related to the PUM.
  3. Then click on Next.
  4. You will see a prompt giving you several options.
  5. Choosing Always ignorewill add the PUM to the Allow List.
  6. You can remove them there when you decide they should no longer be ignored.
  7. When the PUM is on the Allow listit will no longer show up in your Scan results.