Closed
Bug 700607
Opened 13 years ago
Closed 13 years ago
block reported attack sites
Categories
(Firefox :: General, defect)
Tracking
()
RESOLVED
WORKSFORME
People
(Reporter: anthonygerrard+bugzilla.mozilla.org, Unassigned)
References
Details
User Agent: Mozilla/5.0 (Windows NT 6.0; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 Build ID: 20110928134238 Steps to reproduce: Firefox 7.0.1 Check "Block reported attack sites" is enabled in the security tab of options Visit Firefox test attack site http://www.mozilla.org/firefox/its-an-attack.html Actual results: Page displayed no problems Expected results: Page should have been blocked Also: My computer was infected with a nasty bit of malware after visiting [DO NOT VISIT THIS SITE] www dot ihateryanair dot org yesterday whilst using Firefox 7.0.1.
Reporter | ||
Comment 1•13 years ago
|
||
I've also tried doing this in Firefox safe mode with the same result
Comment 2•13 years ago
|
||
Our .com and .org websites recently merged, and the its-an-attack and its-a-trap pages used to be a .com URLs. Dave says there's a pending fix (bug 693389) to deal with those. So it's true that those two pages are not correctly detected, and therefore they can't be used to determine the more important question of whether SafeBrowsing as a whole is broken or working for you. For purposes of this bug let's ignore those two pages since they're already covered. If you change that URL to .com then it should be blocked http://www.mozilla.com/firefox/its-an-attack.html Is it blocked (it is for me)? then SafeBrowsing is working. If it's not then we can investigate that further. I didn't see anything obviously bad on the front page of the site you mentioned. Were you deeper into the site? It's possible it was something transient like an ad, and also possible it's detecting my location and serving me a "nice" version. The most common ways users get hacked is through outdated plugins. Please visit https://www.mozilla.com/en-US/plugincheck/ and make sure yours are OK. Update those that aren't and disable any you don't need (from the Addons dialog, found on the Tools menu).
Depends on: 693389
Reporter | ||
Comment 3•13 years ago
|
||
Yes the .com site is blocked so Firefox is working correctly. I'm 99% sure the attack was from that site. I cross referenced when the malicious files were created on my PC with my browser history and that was the only site I visited at the time. My QuickTime and Java plugins were out of date and I've updated those. Thanks for your help
Updated•13 years ago
|
Group: core-security
Status: UNCONFIRMED → RESOLVED
Closed: 13 years ago
Resolution: --- → WORKSFORME
You need to log in
before you can comment on or make changes to this bug.
Description
•