Mozilla has introduced a service that checks Firefox browser plugins to make sure they don't have known security vulnerabilities or incompatibilities.
The service debuted on Tuesday with this page, which checks 15 plugins to make sure they're the most recent versions. Over time, Mozilla developers plan to scan additional addons, and they also plan to embed a feature into version 3.6 of the open-source browser that will automatically indicate which plugins used on a current page are out of date.
The offering builds on a feature Mozilla rolled out last month that warned Firefox users when they had an out-of-date version of Adobe's Flash media player installed. In its first week, Mozilla statistics showed more than half of those who installed the latest Firefox release were running an insecure version of the frequently attacked plugin.
Not that the service has necessarily gotten off to as good a start as one might hope. Our tests failed to detect the use of Adobe Reader, another application widely abused by criminals. And other plugins, such as Google Picasa and the iTunes Application Detector were also left out in the cold.
But as Mozilla makes clear here, the page is only the beginning. Eventually, the organization plans to "create a self-service panel for vendors to update their plugin info as new releases come out."
It's initiatives such as these that demonstrate Mozilla's dedication to the security of its users, and for that it deserves props. When legions of end users keep internet-facing software updated, we all win.
"We strongly recommend that add-on developers require SSL for updates to prevent the attack described above," Window Snyder, chief security officer for Mozilla, stated in a post to the group's developer blog.
The Mozilla Foundation released on Wednesday a patch for both version 1.5 and version 2.0 of the browser, fixing a critical memory corruption flaw. - 30201
The service debuted on Tuesday with this page, which checks 15 plugins to make sure they're the most recent versions. Over time, Mozilla developers plan to scan additional addons, and they also plan to embed a feature into version 3.6 of the open-source browser that will automatically indicate which plugins used on a current page are out of date.
The offering builds on a feature Mozilla rolled out last month that warned Firefox users when they had an out-of-date version of Adobe's Flash media player installed. In its first week, Mozilla statistics showed more than half of those who installed the latest Firefox release were running an insecure version of the frequently attacked plugin.
Not that the service has necessarily gotten off to as good a start as one might hope. Our tests failed to detect the use of Adobe Reader, another application widely abused by criminals. And other plugins, such as Google Picasa and the iTunes Application Detector were also left out in the cold.
But as Mozilla makes clear here, the page is only the beginning. Eventually, the organization plans to "create a self-service panel for vendors to update their plugin info as new releases come out."
It's initiatives such as these that demonstrate Mozilla's dedication to the security of its users, and for that it deserves props. When legions of end users keep internet-facing software updated, we all win.
"We strongly recommend that add-on developers require SSL for updates to prevent the attack described above," Window Snyder, chief security officer for Mozilla, stated in a post to the group's developer blog.
The Mozilla Foundation released on Wednesday a patch for both version 1.5 and version 2.0 of the browser, fixing a critical memory corruption flaw. - 30201
About the Author:
Arhur Monderos is working in a company as antivirus software specialist and he runs his informative blog where he helps you to choose best antivirus software for you computer.
