Closed
Bug 1300480
Opened 8 years ago
Closed 8 years ago
Crashes with hmpalert.dll (Hitman Pro Alert)
Categories
(External Software Affecting Firefox :: Other, defect)
External Software Affecting Firefox
Other
Tracking
(firefox48 wontfix, firefox49 wontfix, firefox50 wontfix, firefox51+ wontfix, firefox52- fixed, firefox53 fixed)
People
(Reporter: philipp, Unassigned)
References
Details
(Keywords: crash, Whiteboard: [platform-rel-Sophos])
Crash Data
Comment hidden (obsolete) |
Reporter | ||
Comment 1•8 years ago
|
||
https://crash-stats.mozilla.com/report/index/bp-9f5c0525-f85e-45aa-be98-91c362160905
there are various crash reports with involvement of the third-party module hmpalert.dll, hooking into firefox. those occur nearly exclusively on windows 7 & upwards and "nl" locale builds seem to be affected the most (the product is developed by a dutch company).
Severity: normal → critical
Crash Signature: [@ hmpalert.dll@0x19bfa ]
[@ hmpalert.dll@0x19ba0 ]
[@ hmpalert.dll@0xc2fb ]
[@ hmpalert.dll@0xa50b ]
[@ hmpalert.dll@0x15f9a ]
[@ hmpalert.dll@0x141e7 ]
[@ hmpalert.dll@0x15f40 ]
[@ hmpalert.dll@0x19a10 ]
[@ hmpalert.dll@0x16b1e ]
[@ hmpalert.dl…
status-firefox48:
--- → affected
status-firefox49:
--- → affected
status-firefox50:
--- → affected
status-firefox51:
--- → affected
Keywords: crash
Summary: Crashes → Crashes with hmpalert.dll (Hitman Pro Alert)
Comment 2•8 years ago
|
||
Is this frequent-enough that we should spend time on it? If this affects all users of the Hitman software, and especially if this is a startup crash, we could try to block the DLL. We don't have many other remediation options, and it's not clear that blocking would be effective.
Is this software available for download?
Flags: needinfo?(madperson)
Reporter | ||
Comment 3•8 years ago
|
||
it's a rather low volume crash at the moment, so we shouldn't spend lots of time on it. blocklisting the module through our normal procedure didn't seem to work either a few months back when i last tried it: https://bugzilla.mozilla.org/show_bug.cgi?id=1268025#c14
they'd have a trial version available at http://www.surfright.nl/en/alert though.
Flags: needinfo?(madperson)
Comment 4•8 years ago
|
||
ok, please reopen if you think we should do something
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → INCOMPLETE
Comment 5•8 years ago
|
||
50 crash reports have been analyzed and the following versions have been found:
- hmpalert.dll
- 2.6.5.77: 1
- 3.5.1.552: 1
- 3.5.1.553: 1
- 3.5.1.550: 1
- 3.1.9.363: 1
- 3.5.0.546: 45
Reporter | ||
Comment 6•8 years ago
|
||
thanks marco, 3.5.0.546 is their latest release and 3.5.1.553 their beta build so it looks like the issue is still ongoing in their latest available versions unfortunately.
(also discussed in https://www.wilderssecurity.com/threads/hitmanpro-alert-support-and-discussion-thread.324841/page-449#post-2615113)
Reporter | ||
Updated•8 years ago
|
Crash Signature: hmpalert.dll@0x16ab0 ] → hmpalert.dll@0x16ab0 ]
[@ hmpalert.dll@0xcc3b]
[@ hmpalert.dll@0xd03b]
[@ hmpalert.dll@0xcbeb]
[@ hmpalert.dll@0xd04b]
[@ hmpalert.dll@0xcbfb]
[@ hmpalert.dll@0x19c1a]
[@ hmpalert.dll@0x19baa]
[@ hmpalert.dll@0x19c7a]
[@ hmpalert.dll@0x19bc0]
[…
status-firefox52:
--- → affected
status-firefox53:
--- → affected
Reporter | ||
Comment 7•8 years ago
|
||
[Tracking Requested - why for this release]:
these crashes got worse on the 51.0b version compared to prior cycles: http://bit.ly/2iAEwbd
can we try some outreach to the vendor (they seem to be part of sophos now) and work with them to address the issue in time, so that we don't have a bad surprise once 51 is generally released...
Reporter | ||
Comment 8•8 years ago
|
||
hi dees, do we have some relationship with sophos (or if not, could you help us setting something up)? thank you.
Flags: needinfo?(dchinniah)
Comment 9•8 years ago
|
||
Since we're at the end of the 51 cycle, I recommend proactively blocking this DLL, with testing to make sure the block works and doesn't break other important things. We should still reach out to Sophos to stop injecting into the Firefox processes.
Comment 10•8 years ago
|
||
Blocklisting patch in bug 1329994.
(In reply to [:philipp] from comment #8)
> hi dees, do we have some relationship with sophos (or if not, could you help
> us setting something up)? thank you.
I'm making some efforts here — and I'll add :pdol to any possible leads.
Flags: needinfo?(dchinniah)
Whiteboard: [platform-rel-Sophos]
Update: Via the CTO of Sophos, I have been connected with the CTO of SurfRight, the Sophos HitmanPro vendor — and they have engaged via email. These threads should include all relevant folks from both sides.
Comment 14•8 years ago
|
||
Too late for 51, mark 51 as won't fix.
Comment 15•8 years ago
|
||
[Tracking Requested - why for this release]:
Carry over the tracking flag from 51.
tracking-firefox52:
--- → ?
Comment 16•8 years ago
|
||
The newest version of HitmanPro should have a fix for the crash: "We have made a fix for at least some of the crashes that were reported by the FireFox users. A new version (Build 582 Beta) of HitmanPro.Alert can be downloaded here: http://test.hitmanpro.com/hmpalert3b582.exe.".
Comment 17•8 years ago
|
||
Not tracking for 52 based on comment 16 and low crash volume at the moment.
Comment 18•8 years ago
|
||
Fixed by Sophos in their 582 version. See bug 1329994 comment 18.
Status: REOPENED → RESOLVED
Closed: 8 years ago → 8 years ago
Resolution: --- → FIXED
Updated•8 years ago
|
You need to log in
before you can comment on or make changes to this bug.