Translate to German Translate to Spanish Translate to French Translate to Italian Translate to Portuguese Translate to Japanese Translate to Korean Translate to Russian Translate to Chinese
09
May

Mozilla misses Xorer trojan in Firefox plug-in

The Vietnamese language plug-in for Mozilla’s Firefox browser has been found to be carrying a trojan virus.

The virus was reported on Tuesday as critical bug no. 432406 on Bugzilla. Since then the plug-in has been removed and Mozilla have been trying to figure out how it got through as all plug-ins are scanned for viruses before going live. A comment on the bug from Bugzilla maintainer Dave Miller stated:

The file is dated February 18, the virus signature is dated April 14, so we apparently had this in the wild for about 2 months before the scanners were detecting it.

It turns out that the trojan was Xorer.O, which when active on your system will usually just show unwanted adverts and does not spread past a local network. Mozilla estimated that the language pack had been downloaded 16,667 times since its initial release in November last year so the impact is minimal on users.

The reason the trojan was overlooked is because the anti-virus packages were not updated to look for the trojan when the file was scanned on February 18. Panda Security, for example, only detected it on February 28 thus allowing the plug-in to remain active with the malicious code as plug-ins are not re-scanned.

A posting on the Mozilla Security Blog by Window Snyder has asked that everyone who uses the plug-in disable it and wait for a new version to be released. She also said Mozilla are now working to add extra scans to plug-ins that are live on a regular basis to ensure this doesn’t happen again.

Read more at PCWorld.com

Matthew’s Opinion

I think this just points to a flaw in the security used by Mozilla for checking plug-ins and its fortunate it happened with a trojan that isn’t too serious. If anything it shows how the community around Firefox works effectively as the bug was raised, identified, made public knowledge and stopped in under 2 days.

With regular checks being implemented this shouldn’t happen again, and I’m sure they are also checking the regularity of their anti-virus updates. It will hopefully also alert other software vendors that have downloadable plug-ins for their products to check security practices.

Tags: M4A, amps, dvr, gear

Share This

This entry was posted on Friday, May 9th, 2008 at 7:35 am and is filed under gadgets. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.

« Neil Young offers up full music archives on Blu-ray
Oris BC4 Flight Timer Keeps Jet-Setters Up To Snuff »

Comments are closed.

© 2008 Gadgets Future

Designed by That's Profound -- Made free by Spongy Web Directory and Computer RAM / Memory
Close
E-mail It