Firefox Vietnamese language pack compromised
In a post to the Mozilla Security blog, Window Snyder, Mozilla Security Officer, confirmed a security threat reported a couple of days ago that has compromised Vietnamese language packs downloaded since February 18, 2008.
Apparently, the language pack author’s computer was infected with the HTML.Xorer virus, which injected malicious scripts into Firefox’s localized help files to display unwanted ads. While not harmful at this point, the ads could be replaced with malware to compromise users’ computers.
As part of Mozilla’s security policies, all uploaded files are routinely scanned for viruses, but HTML.Xorer wasn’t added to the antivirus database until after the infected language pack was published. A full scan following a virus database update is being considered to mitigate this weakness.
It should be noted that the help files don’t contain the virus itself, so it won’t infect users’ computers or network peers. Also, Mozilla confirmed that a full scan of the repository found the injection to be limited to the Vietnamese language pack alone.
Vietnamese language pack users should disable it via the Firefox Add-ons Manager until a new, clean version is released in the next few days.
