Risky Firefox Extensions

A ZDNet report lists high-profile Firefox extensions that are vulnerable to attacks. Firefox may have just recently patched its vulnerabilities with the release of version 2.0.0.4, but third party extensions remain to be at risk. Below is a list of risky Firefox extensions:

Here are a few Q & A’s from the source article. For full details, visit the advisory blog entitled, A Remote Vulnerability in Firefox Extensions.

Q: How many people are at risk?
A: Millions. Exact numbers for each toolbar/extension are not released by the vendors.

Q: When am I at risk?
A: When you use a public wireless network, an untrusted Internet connection, or a wireless home router with the default password set.

Q: What can happen to me?
A: An attacker can covertly install malicious software that will run within your web browser. Such software could spy on the you, hijack e-banking sessions, steal emails, send email spam and a number of other nasty tasks.

An update from the ZDNet article cited a comment from del.icio.us’ product manager telling that its extension isn’t  already vulnerable from this attack since the version 1.5.29 update last April.

Related Posts

  • No related posts.

This entry was posted on Thursday, May 31st, 2007 at 11:54 and is filed under Web News. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.

6 Responses to “Risky Firefox Extensions”

  1. Blog Drive-Bys for 2007-05-31 - Untwisted Vortex - Living in a Different Land Says:
    May 31st, 2007 at 22:58

    [...] over some articles earlier today about the Firefox upgrade. After spotting a short article on Project Afterlight and digging into the links provided, I immediately installed the update. The only thing that got [...]

  2. Mac @ Motorcycle Fairings Says:
    November 20th, 2008 at 8:16

    Hah, that is incredible, how can a company like Mozilla releases a version unprotected from those actions. lol. that is not acceptable.

  3. Home Decor Says:
    January 8th, 2009 at 0:09

    I hope by now they took care of all the risks that those add-ons represented for users.

  4. Forsikring Says:
    February 14th, 2009 at 13:20

    Unlike the research suggests, McAfee SiteAdvisor is actually worse than any of these other major extensions. It periodically downloads completely unauthenticated code from McAfee’s server, which it then executes with the same privileges as your browser.

  5. 70-294 exam Says:
    June 10th, 2009 at 13:34

    I’ve been using Firefox for over a year and will not go back to anything else.

  6. Vinci al casinĂ² Says:
    August 29th, 2009 at 1:26

    It happen to me many times, extensions can be dangerous sometimes