Feeds

Firefox language pack provides adware back-door

Ho Chi Hack trail

Choosing a cloud hosting partner with confidence

Mozilla has warned that the Vietnamese language pack of Firefox 2 was compromised as a result of a viral infection.

The language pack did not contain a virus itself, but code that resulted in users seeing unwanted ads. More malicious action might have been possible as a result of the security flaw, the probable result of a developer's machine getting infected rather than a deliberate backdoor.

Everyone who downloaded the most recent Vietnamese language pack since February 18 this year got an infected copy, Mozilla warns. In total there's been 16,667 total downloads of the Vietnamese language pack since November 2007, so the total number of affected users is probably in the low hundreds rather than the thousands.

Mozilla said it does virus scans at upload time, but the virus scanner did not catch this issue until several months after the upload. It said it would revamp its testing procedure following the incident, the first of its kind to affect browser software.

A new Vietnamese language pack will be available shortly. In the meantime, Vietnamese language pack users are advised to disable this package using the add-ons dialogue on the Tools menu.

Mozilla's statement can be found here and there's more on Bugzilla here. ®

Beginner's guide to SSL certificates

Whitepapers

10 ways wire data helps conquer IT complexity
IT teams can automatically detect problems across the IT environment, spot data theft, select unique pieces of transaction payloads to send to a data source, and more.
Why CIOs should rethink endpoint data protection in the age of mobility
Assessing trends in data protection, specifically with respect to mobile devices, BYOD, and remote employees.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Mitigating web security risk with SSL certificates
Web-based systems are essential tools for running business processes and delivering services to customers.