Daily cyber threats and internet security news: network security, online safety and latest security alerts
May 8th, 2008

Adware Back-door In Firefox Language Pack

Mozilla has warned that the Vietnamese language pack of Firefox 2 was compromised as a result of a viral infection. The language pack did not contain a virus itself, but code that resulted in users seeing unwanted ads. More malicious action might have been possible as a result of the security flaw, the probable result of a developer’s machine getting infected rather than a deliberate backdoor.

Mozilla said it does virus scans at upload time, but the virus scanner did not catch this issue until several months after the upload. It said it would revamp its testing procedure following the incident, the first of its kind to affect browser software.

Everyone who downloaded the most recent Vietnamese language pack since February 18 this year got an infected copy, Mozilla warns. In total there’s been 16,667 total downloads of the Vietnamese language pack since November 2007, so the total number of affected users is probably in the low hundreds rather than the thousands.

A new Vietnamese language pack will be available shortly. In the meantime, Vietnamese language pack users are advised to disable it in Tools menu/Add-ons.

Share this item with others:

More on CyberInsecure:
  • Government .gov Domains DNS Hijacked, Point To Adult Content And Push Adware
  • Microsoft Secretly Sneaks Firefox Add-on Into Latest Update
  • Fake MP3 Files Infect With Trojan And Install Adware
  • Researchers Warn BlackBerry Users Over Malformed PDF Vulnerability
  • Microsoft Releases Windows XP Service Pack 3 But Locks IE7 Uninstall

  • If you found this information useful, consider linking to it from your own website.
    Just copy and paste the code below into your website (Ctrl+C to copy)
    It will look like this: Adware Back-door In Firefox Language Pack

    Leave a Reply

    Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.

    To prove you’re a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.