nsane.forums Posted February 11, 2010 Share Posted February 11, 2010 Mozilla has admitted that one of the two experimental Firefox add-ons it said contained malware was in fact a false alarm View: Original Article Link to comment Share on other sites More sharing options...
Administrator DKT27 Posted February 11, 2010 Administrator Share Posted February 11, 2010 Firefox add-on accused of malware comes up cleanFirefox users were warned by Mozilla of two add-ons that had been discovered to contain malware and removed from their add-on Web site. Mozilla backtracked on one those add-ons last night, saying that the company had worked with McAfee and determined that the Sothink Web Video Downloader is malware-free. Last week, The initial estimate of 6,000 affected downloads has also been revised downward, to 700 downloads. Mac and Linux Firefox users were not affected by the malware discovery. Mozilla stated that during the re-testing process that cleared the Sothink add-on, the other add-on thought to be infected, Master Filer, was confirmed again as containing a Trojan. The Sothink add-on has been re-added to AMO as well as CNET Download.com. In an interview via e-mail last week, Nick Nguyen, Mozilla's Add-ons Director, said that the incident that uncovered Master Filer began when a user running an antivirus program from Eset threw up a warning. "All add-ons uploaded to AMO are reviewed for malware with automated tools," he said. "ClamAV failed to detect the Trojan in Master Filer which caused us to re-evaluate our toolset. After upgrading our process, we rescanned the remaining 58,000 files on AMO and detected one additional instance of malware," which was the Sothink add-on. Nguyen noted that both Master Filer and Sothink Web Video Downloader were add-ons labeled as "experimental," which means that users had to have an account at AMO to download them and that they could only be downloaded directly from the Mozilla site, but he also said last week that only one version, v4.0, of the Sothink downloader was found to be infected. Security breaches in Firefox add-ons are rare, but they have occurred before. In 2008, there was a compromised file in the Vietnamese language pack for Firefox 2. Mozilla did not immediately respond to a request for comment. Source - CNET Link to comment Share on other sites More sharing options...
HX1 Posted February 11, 2010 Share Posted February 11, 2010 Its weird I haven't had to sign in to my account there to download 'experimental' extensions in like forever... Link to comment Share on other sites More sharing options...
Bizarre™ Posted February 12, 2010 Share Posted February 12, 2010 Good thing it was a false alarm ^_^ Link to comment Share on other sites More sharing options...
Administrator DKT27 Posted February 12, 2010 Administrator Share Posted February 12, 2010 One was a false alarm. Another wasn't. Link to comment Share on other sites More sharing options...
Bizarre™ Posted February 12, 2010 Share Posted February 12, 2010 It just proves Firefox popularity ^_^ Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.