CDRInfo Forum CDRInfo Forum

Forums  Register  Login  My Profile  Inbox  Address Book  My Subscription  My Forums 

Photo Gallery  Member List  Search  Calendars  FAQ  Ticket List  Log Out

Firefox Add-ons May be Risky   Logged in as: Guest
Viewers: 1476 You can click here to see Today's Posts | Most Active Topics | Posts Since Last Visit
  Printable Version
All Forums >> [News Around The Web] >> Security News >> Firefox Add-ons May be Risky Page: [1]
Login
Message << Older Topic   Newer Topic >>
Firefox Add-ons May be Risky - 5/31/2007 6:48:05 PM   
cadoo


Posts: 6810
Joined: 8/1/2006
From: Serbia
Status: offline
The popular extension software used by the Firefox browser are not very secure, according to a security researcher.

A vulnerability exists in the upgrade mechanism used by a number of high profile Firefox extensions, according to Christopher Soghoian, a security researcher who blogged about the issue on Wednesday.

The extensions include Google Toolbar, Google Browser Sync, Yahoo Toolbar, Del.icio.us Extension, Facebook Toolbar, AOL Toolbar, Ask.com Toolbar, LinkedIn Browser Toolbar, Netcraft Anti-Phishing Toolbar, PhishTank SiteChecker and a number of others, mainly commercial extensions.

Users of the Google Pack suite of software are most likely vulnerable, as this includes the Google Toolbar for Firefox, Soghoian said.

"Users are vulnerable and are at risk of an attacker silently installing malicious software on their computers. This possibility exists whenever the user cannot trust their domain name server (DNS) or network connection. Examples of this include public wireless networks, and users connected to compromised home routers," the researcher expalined.

Until vendors have fixed the problems, the researcher suggests that users should remove/disable all Firefox extensions except those that they are sure they have downloaded from the official Firefox Add-ons website (https://addons.mozilla.org). "If in doubt, delete the extension, and then download it again from a safe place," he said.


_____________________________


http://www.cdrinfo.com/
Post #: 1
Page:   [1]
All Forums >> [News Around The Web] >> Security News >> Firefox Add-ons May be Risky Page: [1]
Jump to:





New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts




Forum Software © ASPPlayground.NET Advanced Edition 2.4.5 ANSI

0.047