Mozilla Makes The Web A Bit Safer With New Firefox Security Tool
October 14, 2009 11:40 AM ET
The Plant Mozilla's Firefox Support Blog just unveiled a security tool designed to heighten the security of Firefox.
The tool is called Plugin Check. It detects all plug-ins for Firefox and advises users if they are outdated. It sounds like no big deal, but you have to consider how many security threats are posed by plug-ins. One example is the seemingly endless exploits associated with Adobe Systems' Flash plug-in. Plug-ins are bits of code created to extend the feature set of browsers and are often created by independent developers not associated with the browser's creators, i.e, Mozilla for Firefox or Microsoft for Internet Explorer.
Of course, that code is not always safe or stable. Mozilla is reporting that 30 percent of Firefox crashes are caused by outdated plug-ins, so not only can this aid in putting Firefox on "lock-down," the plug-in checker can help create a better browsing experience.
CRN Test Reviewers accessed the Plugin Check page using Firefox version 3.5.3, Sure enough, the utility detected all of the plug-ins installed in the browser. It reported four out of 14 plug-ins as potentially vulnerable.
The remaining plug-ins, which included Java, MSN Toolbar and RealOne Player, were detected with the message, "Unable to detect plug-in version." These plug-ins come with a "Research" button next to them, in contrast to an "Update" button on the plug-ins the utility found to be outdated.
What's nice is that clicking the Research button takes you back to links to the plug-in developer to help you track down additional information about that particular plug-in.
Clicking "Update" for the potentially vulnerable plug-ins takes you to a page where you can download the latest version; for example, we were redirected to Adobe's Flash Player page when we clicked "Update" for the outdated Shockwave Flash.
Although Firefox already detects outdated extensions for code created specifically for it, this is a great addition for users to efficiently keep plug-ins created by third-party vendors up-to-date. Even better, Mozilla plans to add the Plugin Check as a built-in feature in future versions of Firefox.
|
Symantec's Code Red: The Law Enforcement/Anonymous E-Mail Exchange Law enforcement officials negotiated via e-mail for more than two weeks with an Anonymous group member trying to extort $50,000 from Symantec to keep stolen product code off the Internet. |
|
How To Sell IT Security Services To Your Customers Cyberattacks can cost a business thousands, even millions, of dollars, and can deal a death blow to some. Here's how IT solution providers can help guard against malicious attacks. |
|
Cybersecurity Experts: What They Know Could Scare You A recent report based on interviews with security experts in government, business and academia finds more than half in agreement that a worldwide arms race is taking place in cyberspace. |
 More
Slide Shows |
- Insider Threats: The Next Frontier for Security Resellers and SMBs
- Complete Security and Your Bottom Line: Sophos, Value and the Channel
- Tough Threats, Tougher Security: How You Can Leverage New Solutions To Combat A “Targeted Attack” Landscape
- Dark Clouds Ahead: Why the Mid-Market Needs To Ramp Up Cloud Security and How You Can Help Them Get There
