James Graham wrote:
This may be old news. If it is then sorry :)

Someone at Mozillazine has reported finding a website which uses an onload event to initiate XPInstall and request that the user install "Content Access Plugin 1.01" which contains a bunch of win32 binaries which reportedly contain some sort of adware [1].

This is the first time I recall hearing of such software targeted at Mozilla being found in the wild.

Obviously, it would be good if Mozilla products had some sort of protections for users who don't appreciate the dangers of extensions (and for those who do, of course). Several proposals have been made on the Mozillazine thread [2], the most obvious of which is not allowing XPInstall to be initiated except in response to mouse clicks [3].

If it's now considered worthwhile targeting Mozilla products with this kind of software, the problems are only likely to become worse in the future. It would be good if there were some technical measures in place to make users less likely to install malicious code at least before Firefox 1.0.

james

[1] http://www.spywareguide.com/product_show.php?id=610
[2] bugzilla.mozilla.org/show_bug.cgi?id=238684
[3] http://bugzilla.mozilla.org/show_bug.cgi?id=238684

Workaround: Go to Edit...Preferences...Advanced...Software Installation and uncheck "Enable Software Installation." This disables all XPI installations.


_______________________________________________
Mozilla-security mailing list
http://mail.mozilla.org/listinfo/mozilla-security