Saturday, May 28, 2022
  • Events
  • Interviews
  • Jobs
  • Opinion
  • Whitepapers
  • Glossary
  • Community Forum
  • Web Hosting Directory
  • Login
  • Register
Cloud7 News
  • Cloud Computing
  • Web Hosting
  • Data Center
  • Linux
  • Cybersecurity
  • More
    • How-Tos
    • Network/Internet
    • Windows
    • Software
    • Hardware
    • Blockchain
    • Policy/Legislation
    • Video
No Result
View All Result
Cloud7 News
  • Cloud Computing
  • Web Hosting
  • Data Center
  • Linux
  • Cybersecurity
  • More
    • How-Tos
    • Network/Internet
    • Windows
    • Software
    • Hardware
    • Blockchain
    • Policy/Legislation
    • Video
No Result
View All Result
Cloud7 News
No Result
View All Result

Home > Cybersecurity > Malicious Firefox add-on prevented 455.000 users from getting security updates

Malicious Firefox add-on prevented 455.000 users from getting security updates

Malicious Firefox add-on blocked users to get security updates by abusing proxy API. It is reported that around 455.000 users are affected by this security issue.

Furkan Avcı by Furkan Avcı
October 26, 2021
in Cybersecurity, Software
2 min read
0 0
0
firefox security issue
0
SHARES
17
VIEWS
Share on FacebookShare on TwitterShare on EmailFollow on Google News

Mozilla announced that they blocked two malicious add-ons on Firefox that were causing security vulnerabilities by misusing proxy API to obstruct users from getting security updates. The two add-ons that were causing security issues are addressed as “Bypass and Bypass XM”. 

Countermeasures to prevent any further security issues

As soon as the security issue was discovered, Mozilla took the initiative and paused the approval of all add-ons that deal with proxy API. By doing so, the team eliminated any new abusers of Proxy API from causing any further damage. This pause gave the team the opportunity to prepare hotfixes and updates to address the proxy API issue and as well as gave the users enough time to download these security updates.

The problematic add-ons were identified as Bypass and Bypass XM. Users who have downloaded them are highly advised to delete these add-ons. The ID’s for these add-ons are (7c3a8b88-4dc9-4487-b7f9-736b5f38b957 and d61552ef-e2a6-4fb5-bf67-8990f0014957) respectively. 

Stuart Colville from the Mozilla Engineering Team
Stuart Colville from the Mozilla Engineering Team

Rachel Tulitz and Stuart Colville from the Mozilla engineering team said,

“To prevent additional users from being impacted by new add-on submissions misusing the proxy API, we paused on approvals for add-ons that used the proxy API until fixes were available for all users. Starting with Firefox 91.1, Firefox now includes changes to fall back to direct connections when Firefox makes an important request (such as those for updates) via a proxy configuration that fails. Ensuring these requests are completed successfully helps us deliver the latest important updates and protections to our users.”

If you’re not sure that you are safe from the threats of these malicious add-ons, you can permanently uninstall Firefox and make a clean reinstall. That way, you don’t have any traces left related to the security issue. You should always keep checking the security updates. Also, please make sure that Firefox security updates are enabled and working properly.

See more Cyber Security News


Tags: FirefoxMozilla
ShareTweetSendShare
Get free daily newsletters from Cloud7 News Get the Cloud7 Newsletter

Check your inbox or spam folder to confirm your subscription.

By subscribing, you agree to our
Copyright Policy and Privacy Policy
Previous Post

Apache foundation switches from ASF mirror to CDN distribution for software

Next Post

OWC announced release of SoftRAID 6.2 for Mac

Furkan Avcı

Furkan Avcı

Furkan Avcı is an editor at Cloud7 News covering Linux distros, web hosting providers, data centers, and cloud computing issues and trends. Furkan Avcı is a Linux user and administrator. Furkan is a Java programmer and a cybersecurity enthusiast. Furkan has a bachelor’s degree in Mechatronics Engineering.

Related News

Proof-of-concept exploit code for VMware vulnerability released

Proof-of-concept exploit code for VMware vulnerability released

May 27, 2022 6:48 pm
Tor Browser on Tails 5.0 is not safe

Tor Browser on Tails 5.0 is not safe

May 27, 2022 12:32 pm
VMware ESXi servers are being targeted by a new ransomware

VMware ESXi servers are being targeted by a new ransomware

May 26, 2022 2:07 pm
StackPatch unveils new WAF packages

StackPath unveils new WAF packages

May 24, 2022 4:56 pm
Next Post
OWC Announces Release of SoftRAID 6.2 for Mac

OWC announced release of SoftRAID 6.2 for Mac

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

I agree to the Terms & Conditions and Privacy Policy.

Editor's Choice

Interview with Igor Seletskiy on AlmaLinux

7 best hosting control panels

How to update Linux Kernel without rebooting?

7 best Linux mail servers for 2022

7 best cPanel alternatives for 2022

7 best Linux web browsers for 2022

7 best CentOS alternatives

7 best Linux server distros for 2022

How to scan your server for Log4j (Log4Shell) vulnerability

Best web hosting service providers

AlmaLinux 8.6 Stable is ready to download

Ubuntu 22.04 LTS is available for download. What is new?

Kali Linux 2022.2 is ready for download

Advertisement

Recent News

  • Weekly round-up: 23 – 27 May
  • Effective network strategies: Managing traffic spikes and improving performance
  • Flatpak app of the week: Identity
  • Weekly tips & tricks: Web hosting #4
  • [Event] Ops 101: Explore Ethical Hacking & Cybersecurity Careers

Our Latest Interview

Interview: Erez Barak, Vice President Observability of Sumo Logic
Interview

Interview: Erez Barak, Vice President Observability of Sumo Logic

by Atalay Kelestemur
November 25, 2021 3:23 am


Cloud7 News is a news source that publishes the latest news, industry news and exclusive interviews on web hosting, cloud computing, data center, cybersecurity and linux.

News Categories

  • Web Hosting
  • Cloud Computing
  • Data Center
  • Cybersecurity
  • Linux
  • Network/Internet
  • Software
  • Hardware
  • Blockchain

Our Free Modules

  • Events
  • Interviews
  • Jobs
  • Opinion
  • Whitepapers
  • Glossary
  • Community Forum
  • Web Hosting Directory

Get the Cloud7 Newsletter

Get FREE daily newsletters from Cloud7 delivering the latest news and reviews.

  • About Us
  • Privacy & Policy
  • Copyright Policy
  • Contact

© 2022, Cloud7 News. Latest Cloud Computing, Web Hosting, Data Center Industry and Tech News

No Result
View All Result
  • Cloud Computing
  • Web Hosting
  • Data Center
  • Linux
  • Cybersecurity
  • More
    • How-Tos
    • Network/Internet
    • Windows
    • Software
    • Hardware
    • Blockchain
    • Policy/Legislation
    • Video
  • Events
  • Interviews
  • Jobs
  • Opinion
  • Whitepapers
  • Glossary
  • Community Forum
  • Web Hosting Directory

© 2022, Cloud7 News. Latest Cloud Computing, Web Hosting, Data Center Industry and Tech News

Welcome Back!

Login to your account below

Forgotten Password? Sign Up

Create New Account!

Fill the forms below to register

*By registering into our website, you agree to the Terms & Conditions and Privacy Policy.
All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In
This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.