Malicious Firefox Add-ons Block Browser From Downloading Security Updates

Cyber Security

Products You May Like

Mozilla on Monday disclosed it blocked two malicious Firefox add-ons installed by 455,000 users that were found misusing the Proxy API to impede downloading updates to the browser.

The two extensions in question, named Bypass and Bypass XM, “interfered with Firefox in a way that prevented users who had installed them from downloading updates, accessing updated blocklists, and updating remotely configured content,” Mozilla’s Rachel Tublitz and Stuart Colville said.

Automatic GitHub Backups

Because Proxy API can be used to proxy web requests, an abuse of the API could enable a bad actor to control the manner Firefox browser connects to the internet effectively.

In addition to blocking the extensions to prevent installation by other users, Mozilla said it’s pausing on approvals for new add-ons that use the proxy API until the fixes are broadly available. What’s more, the California-based non-profit said it’d deployed a system add-on named “Proxy Failover” that ships with further mitigations to address the issue.

Users who have installed the problematic add-ons are highly advised to remove them by heading the Add-ons section and explicitly searching for “Bypass” (ID: 7c3a8b88-4dc9-4487-b7f9-736b5f38b957) or “Bypass XM” (ID: d61552ef-e2a6-4fb5-bf67-8990f0014957).

Developers of add-ons that require the use of the proxy API are also required to start including a “strict_min_version” key in their manifest.json files targeting Firefox browser versions 91.1 or above.

Products You May Like

Articles You May Like

Ever Wonder How Hackers Really Steal Passwords? Discover Their Tactics in This Webinar
OnePlus 12R to Get a Sunset Dune Colour Variant in India Soon
Odyssey Building ‘Hollywood-Grade’ AI Text-to-Video Model to Compete With Sora, Gen-3 Alpha
Smash-and-Grab Extortion
Apple’s ‘Tap-and-Go’ NFC Gets EU Approval After the iPhone Maker Agrees to Open It to Third-Party Apps

Leave a Reply

Your email address will not be published. Required fields are marked *