” …Mozilla on Tuesday warned users that a password-stealing add-on slipped into Firefox’s extension gallery more than a month ago had been downloaded nearly 2,000 times before it was detected.
The malicious “Mozilla Sniffer” add-on was yanked from Mozilla’s servers Monday, and added to the Firefox “blocklist,” a last-resort defense that uninstalls potentially-dangerous browser extensions from users’ machines.
Mozilla also notified users of a critical security vulnerability in another add-on, the popular “CoolPreviews,” which currently sits at No. 21 on the Firefox most-downloaded list, saying it had temporarily yanked that plug-in, too.
The Mozilla Sniffer add-on was submitted to the Firefox Add-ons site June 6, Mozilla announced in a blog post yesterday…. “
July 14, 2010
Source: – Computerworld