Adblock Plus and (a little) more

Adblock security hole closed - but not by Adblock devs [updated] · 2006-06-18 22:46 by Wladimir Palant

A while back I mentioned two security holes I found in Adblock (bug 338114, access is restricted). Both are pretty stupid programming mistakes and can be fixed trivially. Luckily recent security improvements in Firefox prevent one of the bugs from being exploited. The other is wide open however and can potentially allow malicious web sites to gain control over your computer.

The good news for all Adblock users out there: this bug has been fixed. Boris Zbarsky made Firefox safer once again, and once Firefox 1.5.0.5 is out Adblock users should be (relatively) safe. The bad news: both security holes are still in Adblock, only hidden. Adblock developers disappeared once again and aren’t even reacting to the most urgent requests (and I don’t mean Michael McDonald here who has been very responsive but seems to lack the possibility to change something). Given the numerous users still using Adblock this makes me pretty sad…

Update (2006-06-30): AMO made mcm a co-author for Adblock so he could upload a fix. Adblock homepage is still listing 0.5.3.42 as most recent version.

Tags:

Comment

Commenting is closed for this article.

Cookie preferences

We use some cookies to give you the best experience on our website. Read more

Cookie preferences

We use some cookies to give you the best experience on our website. By using our site you are aware that we are using cookies and you can change this any time. Learn more

Necessary cookies

Used to remember your privacy preferences. They cannot be switched off.

Tracking cookies

We use these to analyze website traffic.