Mozilla service detects insecure Firefox plugins

Slated for browser embedding


Mozilla has introduced a service that checks Firefox browser plugins to make sure they don't have known security vulnerabilities or incompatibilities.

The service debuted on Tuesday with this page, which checks 15 plugins to make sure they're the most recent versions. Over time, Mozilla developers plan to scan additional addons, and they also plan to embed a feature into version 3.6 of the open-source browser that will automatically indicate which plugins used on a current page are out of date.

The offering builds on a feature Mozilla rolled out last month that warned Firefox users when they had an out-of-date version of Adobe's Flash media player installed. In its first week, Mozilla statistics showed more than half of those who installed the latest Firefox release were running an insecure version of the frequently attacked plugin.

Not that the service has necessarily gotten off to as good a start as one might hope. Our tests failed to detect the use of Adobe Reader, another application widely abused by criminals. And other plugins, such as Google Picasa and the iTunes Application Detector were also left out in the cold.

But as Mozilla makes clear here, the page is only the beginning. Eventually, the organization plans to "create a self-service panel for vendors to update their plugin info as new releases come out."

It's initiatives such as these that demonstrate Mozilla's dedication to the security of its users, and for that it deserves props. When legions of end users keep internet-facing software updated, we all win. ®


Keep Reading

NSO Group: Facebook tried to license our spyware to snoop on its own addicts – the same spyware it's suing us over

Antisocial network sought surveillance tech to boost its creepy Onavo Protect app, it is claimed

Judge green-lights Facebook, WhatsApp hacking lawsuit against spyware biz NSO, unleashing Zuck's lawyers

Legal discovery team could turn up some very interesting, and possibly embarrassing details

Spyware maker NSO can't claim immunity, Facebook lawyers insist – it's time to face the music

Software developers aren't nation states, antisocial giant points out

Multi-part Android spyware lurked on Google Play Store for 4 years, posing as a bunch of legit-looking apps

Mandrake handlers could snoop on whatever victim did with their phone

Israeli spyware maker NSO channels Hollywood spy thrillers in appeal for legal immunity in WhatsApp battle

In latest court bout, snooper biz seems to ask: Are you sure you want to open this can of worms?

Let adware be treated as malware, Canuck boffins declare after breaking open Wajam ad injector

Analysis If it walks like a duck and quacks like a duck then...

Senator demands deep probe into spyware-for-cops after NSO Group touts hacking toolkit to American plod

Updated 'Aggressive oversight' needed, Congress urged

Virtual reality is a bonkers fad that no one takes seriously but anyway, here's someone to tell us to worry about hackers

Enigma If printers and nuclear reactors on the internet are fair game, so's the gizmo on your face, we'll concede

Biting the hand that feeds IT © 1998–2020