.webp
)
Mozilla discovered add-ons that were abusing its proxy API function in early June and blocked them all at a time. And not only that even all these malicious add-ons were installed by more than 455k users.
The proxy API function is utilized to measure how Firefox connects to the internet and all these procedures were done by the add-ons.
To intercept and redirect web requests, in this event the malicious add-ons (named Bypass and Bypass XM) block the users from doing the following things:-
- Downloading updates
- Updating remotely configured content
- Accessing updated blocklists
While Mozilla’s spokesperson, Rachel Tublitz and Stuart Colville stated:-
“To prevent additional users from being impacted by new add-on submissions misusing the proxy API, we paused on approvals for add-ons that used the proxy API until fixes were available for all users.
Starting with Firefox 91.1, Firefox now includes changes to fall back to direct connections when Firefox makes an important request (such as those for updates) via a proxy configuration that fails. Ensuring these requests are completed successfully helps us deliver the latest important updates and protections to our users.”
So, here, Mozilla has added a system add-on that is hidden, impossible to disable, and updateable to block similar malicious add-ons from abusing the proxy API function of Mozilla:-
- Proxy Failover
What should I do next?
To keep you on the right track, Mozilla recommends and encourages users to immediately update their Firefox web browsers to the latest release version (Firefox 93) which comes with all the latest security mechanisms.
Moreover, right now there is only one anti-malware solution is available that detects the add-ons as malicious and tags them as “BrowserModifier:JS/BypassPaywall.A,” Microsoft Defender.
However, if you weren’t able to update your web browser to the latest version then you have to follow the following fixes that we have mentioned below:-
- Search for the problematic add-ons and remove them.
- Visit the Troubleshooting Information page.
- In the Add-ons section, search for one of the following entries:
Name: Bypass
ID: {7c3a8b88-4dc9-4487-b7f9-736b5f38b957}
Name: Bypass XM
ID: {d61552ef-e2a6-4fb5-bf67-8990f0014957}
Please make sure the ID matches exactly as there might be other, unrelated add-ons using those or similar names. If none of those IDs are shown in the list, you are not affected.
If you find a match, follow these instructions to remove the add-on(s).
- Try refreshing Firefox, as it will reset your add-ons and settings.
- Download a new copy of Firefox if needed.
While in the case of developers to facilitate future inspections use of the proxy API are being asked to start including the code “browser_specific_settings “: { “gecko”: { “strict_min_version”: “91.1” } } in their add-ons.
Looking for Best WAF Solutions for your web applications environment?? Register for Free WAF webinar & explore the experts thoughts and Choose the Best one.. Very limited seats available.. grab it here at .
