Wednesday, April 01, 2015
Search
  
Submit your own News for
inclusion in our Site.
Click here...
Breaking News
Facebook User Tracking Violates EU Law, Research Says
Google Releases Cheaper Chromebooks
Intel Releases New Braswell SoCs
WD's My Passport X Delivers 2 TB of Storage for Xbox One and PC Gamers
Google To Use SSDs From Samsung: report
Microsoft Introduces The Surface 3
Samsung Now Offers New Lineup of 3-bit V-NAND Based 850 EVO SSDs for Ultrathin PCs
Samsung, LG End Legal Disputes
Active Discussions
how to copy and move data files to dvd-rw
cdrw trouble
Need serious help!!!!
burning
nvidia 6200 review
Hello
Burning Multimedia in track 0
I'm lazy. Please help.
 Home > News > General Computing > Mozilla...
Last 7 Days News : SU MO TU WE TH FR SA All News

Friday, May 09, 2008
Mozilla shipped worm with Firefox add-on


Mozilla Corp. warned users about a worm that slipped into Firefox's Vietnamese language add-on and went undetected for months. The malware-infected file has been pulled from Mozilla's servers.

"The Vietnamese language pack for Firefox 2 contains inserted code to load remote content," Window Snyder, Mozilla's chief security executive, confirmed in a post to the company's blog on Wednesday. "Everyone who downloaded the most recent Vietnamese language pack since Feb. 18, 2008, got an infected copy."

The download count for the add-on since last November has been 16,667. "So we anticipate the impact on users to be limited," she said.

Mozilla developers first noticed the infected language pack on Tuesday, and by the next day had determined that the infection was accidental.

According to posts on Bugzilla, the bug management system Mozilla uses to track code changes, a computer used by Jasper Thai, the author of the Vietnamese add-on, had been infected earlier with the Xorer worm, malware designed to infect only Windows PCs. When Thai created the add-on, Xorer hitched a ride by installing itself in the extension's code.

Xorer can spread via removable media -- including floppy disks -- and network shares, several security vendors said in their online malware databases. "Its effects can range from simply annoying to destructive," noted the write-up by Panda Security. Snyder said that infected users were being shown unwanted ads when they surfed with Firefox.

Although Mozilla scans Firefox add-ons, including language packs, for malicious code before making them available for download, its antivirus scanner missed Xorer because it had not added a signature for the malware until mid-April. Thai had wrapped up the Vietnamese pack nearly two months earlier, on Feb. 18.

"The file is dated Feb. 18, the virus signature is date April 14, so we apparently had this in the wild for about two months before the scanners were detecting it," Dave Miller, a Mozilla company developer, said on Bugzilla.

Although U.K.-based security vendor Sophos PLC said it had produced a detection signature for the worm in early January, and Trend Micro Inc. had added one on Feb. 16, others, including McAfee Inc. and Panda, didn't get around to the worm until after Thai wrapped up the language pack.

Snyder said that Mozilla would boost the number of times it scanned files for malware. "We are also adding after-the-fact scans of everything to address this sort of case in the future," she said.

Developers on Bugzilla, however, argued whether that was feasible. "Ideally, yes, except that we get new definitions on average every six hours or so and it takes over a week to virus-scan the entire FTP server. Getting monthly scans is in the plan for the new stage server once we get it working," said Mozilla's Miller as he replied to a proposal to rescan after every signature update.

In a message posted to the Bugzilla thread, Thai said that he would deliver a malware-free Vietnamese language pack soon. He also claimed that the worm came from China, though he offered no proof.


Previous
Next
The Basics of Blu-ray Production Workflow        All News        Transcend Reveals Extreme Speed 300X CompactFlash
Microsoft Appeals $1.4B EU Antitrust Fine     General Computing News      Google Apps extends protection to web surfing and remote workers

Get RSS feed Easy Print E-Mail this Message

Most Popular News
 
Home | News | All News | Reviews | Articles | Guides | Download | Expert Area | Forum | Site Info
Site best viewed at 1024x768+ - CDRINFO.COM 1998-2015 - All rights reserved -
Privacy policy - Contact Us .