Jump to content

Mozilla: Firefox Plug-In Shipped With Malicious Code

Scarecrow Man

By Scarecrow Man,
in Essential Headlines

 Share

Recommended Posts

Scarecrow Man Newbie

Scarecrow Man

Posted
Posted

Not sure if we have any Vietnamese Firefox users, but if we do this may be of intrest to you.

Mozilla warned Wednesday that a malicious program inserted adware code into a Firefox plug-in that has been downloaded thousands of times over the past three months.

Because of a virus infection, the Vietnamese language pack for Firefox 2 was polluted with adware, Mozilla security chief Window Snyder said in a blog posting. "Everyone who downloaded the most recent Vietnamese language pack since February 18, 2008 got an infected copy," she wrote. "Mozilla does virus scans at upload time but the virus scanner did not catch this issue until several months after the upload."

Mozilla is now going to add additional scans of its software to prevent this kind of thing from happening in the future, she said.

Full Story

Xorer Trojan Information

Link to comment
Share on other sites
CurlyWhirly Newbie

CurlyWhirly

Posted
Posted
Mozilla warned Wednesday that a malicious program inserted adware code into a Firefox plug-in that has been downloaded thousands of times over the past three months.

Because of a virus infection, the Vietnamese language pack for Firefox 2 was polluted with adware, Mozilla security chief Window Snyder said in a blog posting. "Everyone who downloaded the most recent Vietnamese language pack since February 18, 2008 got an infected copy," she wrote. "Mozilla does virus scans at upload time but the virus scanner did not catch this issue until several months after the upload."

Mozilla is now going to add additional scans of its software to prevent this kind of thing from happening in the future, she said.

I don't know whether I was at risk anyway as I never go for language packs unless they are automatically included with Firefox updates :huh:

Link to comment
Share on other sites
Scarecrow Man Newbie

Scarecrow Man

Posted
  • Author
Posted
FF is Obviously not as fireproof as some would have us believe. :lol: :lol: :lol:

Firefox is still as fireproof as we believe. The problem was NOT with firefox, but rather a malicious script included with a language pack. Language packs are created by users like you and me and uploaded to Mozilla for distribution. The problem lies in the fact that Mozilla did not catch this before they released the language pack officially.

This is no different than any other virus. It just happened to be transmitted via an addon for Firefox rather than through a spam email, or rouge website.

Link to comment
Share on other sites
Dencandy Newbie

Dencandy

Posted
Posted
Firefox is still as fireproof as we believe.

I don't think that can be sustained since Firefox presumably permitted or enabled the language pack to be distributed. I might have a completely fool-proof burglar alarm. But if I leave the windows open, what good is it?

Link to comment
Share on other sites
andsome Newbie

andsome

Posted
Posted

The point that I am making is that some seem to believe that FF cannot be compromised with viruses and Malware. If the program becomes popular enough there are plenty of idiots who will design viruses etc for it, and people won't be so smug then. :D

Link to comment
Share on other sites
catgate Newbie

catgate

Posted
Posted

I think it is most unfair that only we who constantly work in Vietnamese (for security reasons) should be targeted this way.

The one good thing about IE is that it treats everyone equally. If this had happened in IE the whole world would have been infected.

Link to comment
Share on other sites
Scarecrow Man Newbie

Scarecrow Man

Posted
  • Author
Posted
Firefox is still as fireproof as we believe.

I don't think that can be sustained since Firefox presumably permitted or enabled the language pack to be distributed. I might have a completely fool-proof burglar alarm. But if I leave the windows open, what good is it?

Very true. They should not have allowed this code to be distributed and I agree this was an issue that Mozilla could have prevented. The browser, Firefox, is still as any software is prone to malicious code. Fortunately the browser itself is still stable.

It was unfortunate that someone would want to do this, but it happens. :censored:

Link to comment
Share on other sites
andsome Newbie

andsome

Posted
Posted
FF is Obviously not as fireproof as some would have us believe. :lol: :lol: :lol:

then again , the same can be said for internet explorer...

That is why we use AV programs etc.

Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue. Privacy Policy

  I accept