Categories: Announcements Security

Plugin Check for Everyone

It’s been a few months since I wrote about the work our plugin check team has been doing, but there are a couple of pretty excellent pieces of news I’d like to share, most notably: the Mozilla plugin check now works for users of other browsers as well.

Plugin Check: A Refresher

Last fall, we started a program to help our users keep their plugins up to date. Outdated plugins are a major source of security and stability risk for web users, and some studies have put the proportion of users with older versions as high as 80%.

In the months since we’ve deployed the page, we’ve seen some great success. These days, over 60% of the users we see on the plugin check page with Adobe’s Macromedia Flash plugin installed are running the most recent version, and the number grows to more than 75% if we include the second most recent. That’s much higher than the web as a whole, and there is still a lot of work to do to get that number up, but we’re confident that the integrated checks for outdated plugins in Firefox 3.6 will improve things even further.

What’s New

We believe that plugin safety is an issue for the web as a whole, so while our initial efforts focused on building a page that would work for Firefox users, the team has since expanded plugin check coverage to work with Safari 4, Chrome 4, and Opera 10.5. We have added support for Internet Explorer 7 and 8 for the most popular plugins, as well, but since IE requires specific code to be written for each plugin it will take us a little longer to get to full coverage. You can see the updated page for yourself here.

This has been a phenomenal amount of work to develop and test, and the matrix of browser, plugin and OS grows very quickly. Our web team is remarkable, but they couldn’t have done it without the continuing support of Mozilla community members like Lloyd Hilaiel who helped write some of the plugin-specific logic.

Plugin Check Badges

Finally, now that we have delivered a more universal plugin check page, I wanted to call your attention to the plugin check site badges our team developed a little while ago. Adding these banners to your site will help your readers stay current regardless of which browser they use, and make the internet a safer place for everyone.

One More Request

Our Plugin Directory will eventually become the main way we keep our data about plugins up-to-date. If you’re a plugin vendor, we need your help! The directory is currently in alpha stages, and we need vendors to let us know as new versions come out, and old versions become dangerous. Please email plugindir @ mozilla . com for information about how you can get involved.

Johnathan Nightingale
Director of Firefox Development

12 comments on “Plugin Check for Everyone”

  1. Smokey Ardisson wrote on

    If this is a Mozilla service to everyone, regardless of browser,

    1) Isn’t the site something that should live on http://www.mozilla.org/*.mozilla.org rather than on the Firefox-focused http://www.mozilla.com?

    2) Shouldn’t the site be branded less as a Firefox site and more either a) generically or per-browser?

    In particular, on point 2, the text all over the page is all ”Firefox”: How can Firefox help me, how can I figure out what plug-ins I have installed (in Firefox), and so forth. Worse, the badges you recommend everyone add to their sites to help keep readers safe, *regardless of browser*, are all Firefox-themed badges!

    As the site is currently implemented, it comes off as a Firefox marketing effort rather than as the stated attempt to make all browser users safer (via updated plug-ins) in their browser of choice.

  2. jefersonh wrote on

    Plugin check for everyone, except pt-BR users. See bug 556891

  3. crom wrote on

    Why are plugins necessary? I thought HTML5 could do everything.

  4. Daniel Veditz wrote on

    crom: Necessary or not they are both ubiquitous and commonly out of date. As a result they are often exploited to install malware.

    Saying HTML5 is capable of replacing plugins doesn’t deal with the reality that today’s web is full of popular sites that require them. We’re trying to keep real users safe, not just ideal point masses who browse the web on a frictionless surface in a vacuum in an idealized HTML5-only future.

  5. guillaume wrote on

    When will you make international versions fot the checker ?? Do you know that the entire world does not speak english ?

  6. Daniel Veditz wrote on

    Many different Mozilla projects fight for attention from the same very small teams of localizers. Translations will be available as they’re finished.

    I don’t personally know the status in general, but French works:
    http://www.mozilla.com/fr/plugincheck/

  7. Linux Rules wrote on

    Why does the service begin the “check” as soon as the page is accessed? Why not have an information page and a button (link) to begin the check? And why does the page require setting a dozen cookies or it fails? I see NO valid reason to write cookies for this checkup.

  8. redvine wrote on

    How does one uninstall a plugin, not just disable it. How come it says I have an old version of the Acrobat plugin when I installed Reader, not Acrobat, and have the latest version. Also, couldn’t this page list what plugins it currently tests and what versions it currently considers the most up to date?

  9. N Kanayama wrote on

    Thanks.

  10. Webstandard-Blog wrote on

    @Daniel Veditz: Sounds good, but the german version of the plugin-check doesn’t work or excists ;o(

  11. Grant wrote on

    This increase in security via the Plugin check for the other browser products is fantastic. As soon as all the IE plugins can be checked the benefits will be even better due to IE’s current market share.

  12. Gordon P. Hemsley wrote on

    This plugin checker doesn’t seem to take into account system requirements. For example, even though the latest QuickTime is version is 7.6.6, I can’t install that, because I’m still on Tiger. I do have installed the latest avialable version, which is 7.6.4.