Sunday September 7, 2008 9:48 AM AEST

SC Magazine Australia/NZ > News > Vulnerabilities & Exploits > Web > Compromised file found in language pack for Firefox

Vulnerability Alerts

SANS

Microsoft

MS08-022 – Critical: Vulnerability in VBScript and JScript Scripting Engines Could Allow Remote Code Execution (944338) - Version:2.1
Microsoft Security Advisory (951306): Vulnerability in Windows Could Allow Elevation of Privilege

CERT/CC

Latest Comments

"no comment"

on MySpace superworm creator sentenced to probation, community service

by hijrawinata | Sep 7, 2008 3:18 AM

"hi.. i like google chrome. I need to know if in future, google is willing to upgrade google ..."

on Layered security in Google Chrome browser

by george s | Sep 7, 2008 1:52 AM

"Smart Antivirus-2009 crack"

on Researchers crack London's Oyster card security

by trancongtruongtruong | Sep 7, 2008 12:38 AM

"I urge every business person and IT person, management or staff, to get hold of a copy of "I.T. ..."

on Bank of New York loses 12.5 million customer details

by John Franks | Sep 6, 2008 1:20 AM

"iam intrested in porn movies workes in actors from 36/m india pleas help me thanks."

on Popular porn site hacked by prudes

by vinod agarwal | Sep 5, 2008 8:26 PM

Web

Compromised file found in language pack for Firefox

The add-on was a Vietnamese language pack, and though it has been removed from the official Mozilla add-on website, it was undetected until this week.

Window Snyder, Mozilla's security chief, told SCMagazineUS.com Thursday that “about 1,200 people downloaded the pack every week since Feb. 18. Compared to 170 million users, that's a small number.”

The language pack was a single file that had a remnant of a script tag that could direct a user to a site that would play unsolicited ads.

“It was not an infection, per se, and the site it directed users to is down. The most likely scenario was that users would be seeing unwanted ads,” Snyder said.

How did it get into the pack? Said Snyder, “We did not do forensics on the developer's machine, but the most likely scenario was that the machine was infected and when the developer uploaded the pack to our add-on site, our antivirus software did not detect it.”

The virus signature was not identified until April.

A new language pack will be available shortly. Until then, Vietnamese language pack users should disable this package, she said.

Secure Computing Magazine

Ads by Google

Thoughts on this article? Add a comment below.

Be the first to comment on this article.

Name:

Email:

(will not be displayed)

Comment:

(HTML not permitted)

Validation

Enter the code you see below:

Most Read
Most Discussed
Latest News

Vulnerabilities & Exploits Whitepapers

Compromised file found in language pack for Firefox

Sponsored Links

SC MAGAZINE SITEMAP

CATEGORIES

News

Alerts

Products

Stats

Blogs

Photo Galleries

Whitepapers

Events

Jobs

Downloads

Vulnerabilities & Exploits

Breaches & Exposures

Messaging

Mobile

Access Control

Biometrics & Forensics

Legal

Risk Management

Job Centre

Patch Management