As today’s headlines confirm, there is still a lot of confusion about what happened to the Vietnamese language pack, who is impacted, and what that impact really is.
First of all, there is no virus in the Vietnamese language pack. Vietnamese language pack for Firefox users have not been infected with a virus. The remnant we detected is a line in an html file that would display ads to users. This does not infect the user’s machine with the virus. It is a remnant from a virus that most likely infected the language pack developer’s machine. This code remnant is not present in other language packs. The entire add-ons site has been scanned for malware and viruses and nothing else has been detected. Disabling the language pack in the add-ons dialog disables the code remnant.
Mozilla scans all add-ons for viruses at upload time, but the nature of most anti-virus software is that it only finds the things it knows how to look for. When this add-on was uploaded there was no signature in the anti-virus software to detect this virus or its remnants.
There have been 16,667 downloads of the Vietnamese language pack since November 2007. It is hard to identify exactly how many users were impacted, but there are on average about 1000 active users. While the number of users is small, this is still unacceptable. We take this issue very seriously. The most likely impact for users was the display of unwanted ads.
These are the steps we have taken to protect users in the future:
• The add-ons site was immediately scanned for the presence of viruses and other potential malware, and nothing further has been detected.
• As a response to this issue and to minimize the potential of something similar happening in the future, Mozilla is now scanning all add-ons whenever the signatures for the anti-virus software are updated.