Mozilla augments Firefox's plug-in check
Makes good on promise to detect vulnerable plug-ins from Adobe, Apple, Microsoft
Computerworld - As it promised, Mozilla has created a page that checks for outdated plug-ins used by Firefox.
Mozilla is testing the page, which pings the company servers, then returns a list of plug-ins, noting those that are up-to-date and ones that should be updated. Links to the plug-in download pages are also available so that users can obtain the most current versions of software from the likes of Adobe, Microsoft, Sun and Apple.
A month ago, Mozilla debuted its plug-in checking with updates to Firefox 3.5.3 and Firefox 3.0.14, which automatically detected outdated versions of Adobe's Flash Player and prompted users to upgrade to the newest -- and theoretically the most secure -- edition of the browser plug-in.
At the time, Mozilla said it would follow that initial move with others, including the publishing of a page that Firefox users could visit to check the status of other vendors' plug-ins.
Two weeks after introducing the plug-in check, Mozilla said it had convinced 10 million Firefox users to go to Adobe's site and grab the latest version of Flash.
According to Blair McBride, the Mozilla developer who announced the test plug-in check page on his blog today, Mozilla will add a built-in plug-in checking feature to Firefox 3.6, which is slated for release before the end of the year.
"Firefox 3.6 will have this integrated to make sure users know when they have an outdated plug-in, without having to manually visit the Plugin Check page," said McBride. "Whenever you load a page that uses a plug-in that is out of date, you'll get [a] warning."
The warning will read: "Some plugins used by this page are out of date." A button will be available to update the plug-in.
Firefox 3.6 will also sport changes to the browser's add-on too. "The Plugins tab of the Extension Manager (Tools/Add-ons) will indicate which of your plugins are out of date," promised McBride.
The changes are to appear in the first, and likely only, beta of Firefox 3.6; that preview is slated to ship next week under Mozilla's published schedule.
Security experts have commended Mozilla on the moves. Last month, Wolfgang Kandek, the chief technology officer at security firm Qualys, called it "a great way to improve the security of Web browsers," as he noted that vulnerabilities in Adobe's Flash are frequently targeted by hackers.
Mozilla has already caught one bug in the plug-in test page. Earlier Tuesday, Mac users running Snow Leopard were told that QuickTime was out of date, even though they had installed Mac OS X 10.6.1, Apple's sole security update so far for the new OS.
The problem, according to a post on Bugzilla, Mozilla's bug- and change-tracking database, was that Snow Leopard dubbed its version of QuickTime as 7.6.3, while its predecessor Leopard tagged it as 7.6.4.
Later Tuesday, Mozilla had implemented a fix to the plug-in checking page to accurately report QuickTime 7.6.3 as the most up-to-date edition for Snow Leopard users.
Read more about Security in Computerworld's Security Topic Center.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Securing BYOD Mobile computing is becoming so ubiquitous that people no longer bat an eye seeing someone working two devices simultaneously. Individuals and organizations are...
- Gartner Report: A Guide to Gartner's Enterprise Mobile Security Self-Assessment Gartner introduces a model and a Toolkit intended to help mobility and security IT leaders assess their enterprise mobility programs from a security...
- Gartner Report: Containing Mobile Security Risks With the 80/20 Rule IT planners can deliver better mobile protection with higher user satisfaction by segmenting users into risk groups before committing to specific management or...
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts