Add-ons Blog

Posts tagged with “security”

Java 7 Update Notification Now Live

A serious Java vulnerability was made public earlier this week, which is being actively exploited by attackers. Oracle released an update that fixed this vulnerability today, so we are now moving ahead to encourage all users to move to this new version. We have enabled an update notification that will show up every time a… Continue reading

Tags: , ,

Categories: general

New Java Blocklist

The June 2012 update to the Java Development Kit (JDK) and Java Runtime Environment (JRE) included a patch to correct a critical vulnerability that can permit the loading of arbitrary code on an end-user’s computer. This vulnerability—present in the older versions of the JDK and JRE—is actively being exploited, and is a potential risk to… Continue reading

Tags: , ,

Categories: general

Update on Java Blocklist

We blocklisted the Java plugin yesterday, and there are 2 major updates that you should know about. Firstly, Apple has released a security update that fixes the security vulnerability in Java. All Mac OS X users should run Software Update and update their Java software as soon as possible. It should be noted that we… Continue reading

Tags: , ,

Categories: end users, general

Add-on security vulnerability announcement

One malicious add-on and another add-on with a serious security vulnerability were discovered recently on the Mozilla Add-ons site. Both issues have been dealt with, and the details are described below. Mozilla Sniffer Issue An add-on called “Mozilla Sniffer” was uploaded on June 6th to It was discovered that this add-on contains code that… Continue reading

Tags: , ,

Categories: developers, general

Introducing the AMO Editor Guide

Reviewing add-ons is a complicated task, and we haven’t been very good at documenting the whole process. New editors were trained live through IRC, and the training session usually took the better part of 2 hours. Even though I am pretty much the only person training new editors, it is very difficult to convey the… Continue reading

Tags: , , , , ,

Categories: developers, documentation, policy