Mozilla augments Firefox's plug-in check
Makes good on promise to detect vulnerable plug-ins from Adobe, Apple, Microsoft
Computerworld - As it promised, Mozilla has created a page that checks for outdated plug-ins used by Firefox.
Mozilla is testing the page, which pings the company servers, then returns a list of plug-ins, noting those that are up-to-date and ones that should be updated. Links to the plug-in download pages are also available so that users can obtain the most current versions of software from the likes of Adobe, Microsoft, Sun and Apple.
A month ago, Mozilla debuted its plug-in checking with updates to Firefox 3.5.3 and Firefox 3.0.14, which automatically detected outdated versions of Adobe's Flash Player and prompted users to upgrade to the newest -- and theoretically the most secure -- edition of the browser plug-in.
At the time, Mozilla said it would follow that initial move with others, including the publishing of a page that Firefox users could visit to check the status of other vendors' plug-ins.
Two weeks after introducing the plug-in check, Mozilla said it had convinced 10 million Firefox users to go to Adobe's site and grab the latest version of Flash.
According to Blair McBride, the Mozilla developer who announced the test plug-in check page on his blog today, Mozilla will add a built-in plug-in checking feature to Firefox 3.6, which is slated for release before the end of the year.
"Firefox 3.6 will have this integrated to make sure users know when they have an outdated plug-in, without having to manually visit the Plugin Check page," said McBride. "Whenever you load a page that uses a plug-in that is out of date, you'll get [a] warning."
The warning will read: "Some plugins used by this page are out of date." A button will be available to update the plug-in.
Firefox 3.6 will also sport changes to the browser's add-on too. "The Plugins tab of the Extension Manager (Tools/Add-ons) will indicate which of your plugins are out of date," promised McBride.
The changes are to appear in the first, and likely only, beta of Firefox 3.6; that preview is slated to ship next week under Mozilla's published schedule.
Security experts have commended Mozilla on the moves. Last month, Wolfgang Kandek, the chief technology officer at security firm Qualys, called it "a great way to improve the security of Web browsers," as he noted that vulnerabilities in Adobe's Flash are frequently targeted by hackers.
Mozilla has already caught one bug in the plug-in test page. Earlier Tuesday, Mac users running Snow Leopard were told that QuickTime was out of date, even though they had installed Mac OS X 10.6.1, Apple's sole security update so far for the new OS.
The problem, according to a post on Bugzilla, Mozilla's bug- and change-tracking database, was that Snow Leopard dubbed its version of QuickTime as 7.6.3, while its predecessor Leopard tagged it as 7.6.4.
Later Tuesday, Mozilla had implemented a fix to the plug-in checking page to accurately report QuickTime 7.6.3 as the most up-to-date edition for Snow Leopard users.
Read more about Security in Computerworld's Security Topic Center.
- Radicati: Cloud Business Email - Market Quadrant 2013 Google was named the top cloud business email provider in a recent report by research firm Radicati. Out of 14 key players, Google...
- Tablets in the Enterprise: A Checklist for Successful Deployment How can you enterprise manage and secure tablets in order to protect corporate data while providing access to the information and applications employees...
- Enterprise Mobility: A Checklist for Secure Containerization The advantages and disadvantages of the multiple approaches to containerization. Learn More>>
- Enterprise File Sync & Share Checklist File sync and share has changed the way people work and collaborate in today's tech-savvy world. Gone are the email roadblocks, clunky FTP...
- Live Webcast LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy... All Security White Papers | Webcasts