Closed
Bug 449062
Opened 16 years ago
Closed 14 years ago
Blocklist MySearch plugin (MyWebSearch)
Categories
(Toolkit :: Blocklist Policy Requests, defect)
Toolkit
Blocklist Policy Requests
Tracking
()
RESOLVED
FIXED
People
(Reporter: davemgarrett, Assigned: morgamic)
References
()
Details
Attachments
(1 file)
6.48 KB,
text/plain
|
Details |
See bug 448837; can cause crashes on startup in Firefox 3, including safe mode. May also install itself without permission. http://www.ca.com/us/securityadvisor/pest/pest.aspx?id=453090717
Comment 1•16 years ago
|
||
The NPMySrch.dll plugin is what needs to be blocklisted here, as that loads the modules that trigger the crash. This file is flagged as MyWebSearch spyware by virus scanners: http://www.virustotal.com/analisis/b201b6d78254374c349cb4f0e463cf8e Name: My Search Plugin Stub Description: My Search Plugin Stub for 32-bit Windows Filename: NPMySrch.dll
Summary: Blocklist MySearch toolbar → Blocklist MySearch plugin
Assignee | ||
Updated•16 years ago
|
Assignee: nobody → morgamic
Severity: normal → major
Comment 2•16 years ago
|
||
Any progress here? This has still been reported on sumo - with around ~10 chats per week (out of ~1000) containing this plugin. From https://chat-support.mozilla.com:9091/plugins/fastpath/chat-conversation.jsp?sessionID=atiy3752939 , it seems to be causing Firefox to hang on Google search results. The version of the plugin from this recent report: Name: My Web Search Plugin Stub Description: My Web Search Plugin Stub for 32-bit Windows Filename: NPMyWebS.dll content-type: application/x-mws-mywebsearchplugin
Severity: major → critical
Updated•16 years ago
|
Summary: Blocklist MySearch plugin → Blocklist MySearch plugin (MyWebSearch)
Comment 3•16 years ago
|
||
Do we have any contact with the company behind this plugin (InterActiveCorp/ask.com)?
Assignee | ||
Comment 4•16 years ago
|
||
Kev, would you be willing to speak with someone from interactive?
Assignee: morgamic → kev
Comment 5•16 years ago
|
||
will take this and run with it.
Comment 6•16 years ago
|
||
This is an example chat log from a user who was crashing on startup with bp-2aaabe11-c233-454e-bc10-bb0c22090602. Removing the mysearch plugin fixed the crash.
Reporter | ||
Comment 7•16 years ago
|
||
It's been 10 months since I filed this one. What's the status here? Was the company in question ever contacted?
Comment 8•16 years ago
|
||
Working through it now. There's no new status as yet, as I'm waiting on a response from the developers. Request was filed with IAC in the first week of June, and I'll continue to move it through. There's nothing set in stone as a timeframe to wait for a response, but I'm inclined to give two to three weeks and then push on (I know how long ago the bug was filed, and will try and escalate through Ask).
Comment 9•15 years ago
|
||
Kev, Any update?
Assignee | ||
Comment 10•15 years ago
|
||
Kev? Could we get an update please?
Comment 11•15 years ago
|
||
Have placed a call into IAC, will update tomorrow. Apologies for dropping this.
Comment 12•15 years ago
|
||
IAC is aware of this bug, and would liek to track it down. Do we have crash data we can share and/or versioning info (e..g is it all versions or only a specific version)?
Comment 13•15 years ago
|
||
bug 492675 is the crash bug
Assignee | ||
Comment 14•15 years ago
|
||
Kev? Any update?
Comment 15•15 years ago
|
||
We've notified the vendor, and they'd still like crash data to work with, but we're good to proceed.
Assignee | ||
Comment 16•15 years ago
|
||
Alright, so I'd be blocking "NPMySrch.dll" for all versions of all applications. Correct?
Assignee: kev → morgamic
Status: NEW → ASSIGNED
Assignee | ||
Comment 17•15 years ago
|
||
Query would be: INSERT INTO `blplugins` (min, max, filename) VALUES (NULL, *, 'NPMySrch.dll');
Assignee | ||
Comment 18•15 years ago
|
||
Speak now or forever hold your peace!
Reporter | ||
Comment 19•15 years ago
|
||
Well Kev said "we're good to proceed" so if people are still hitting this it would be nice if we can finally get this thing blocked.
Comment 20•15 years ago
|
||
Agreed. Components lockdown will address a lot of 'em, but I'd sure like to see this in place. Johnath, any objections?
Assignee | ||
Updated•15 years ago
|
Whiteboard: mozilla.com
Comment 21•15 years ago
|
||
(In reply to comment #20) > Agreed. Components lockdown will address a lot of 'em, but I'd sure like to see > this in place. Johnath, any objections? This sounds like plugin blocklist, not DLL, so I defer to Morgamic. Having said that - are we sure that "NPMySrch.dll" is the name this plugin uses to register itself?
Comment 22•15 years ago
|
||
Hi, this is Kirk Lawrence from IAC's Mindspark Division, we publish the MyWebSearch toolbar and the older MySearch toolbar (which are two seperate products). I'm not sure how appropriate it is to post here, but I wanted to ask you NOT to block the plugin until we've had a chance to get to the bottom of the issues. I'd like to invite you to email me at kirk dot lawrence (at) mindspark d0t com to discuss. Thanks, -Kirk
Comment 23•15 years ago
|
||
Hey Kirk, It's totally appropriate. You have my email address from previous queries, and I'm happy to discuss the issues and some of the user experience problems we've seen related to this. kev
Assignee | ||
Updated•15 years ago
|
Assignee: morgamic → nobody
Comment 24•15 years ago
|
||
This is a mass change. Every comment has "assigned-to-new" in it. I didn't look through the bugs, so I'm sorry if I change a bug which shouldn't be changed. But I guess these bugs are just bugs that were once assigned and people forgot to change the Status back when unassigning.
Status: ASSIGNED → NEW
Comment 25•14 years ago
|
||
I'm going through all of our existing blocklist entries and this was definitely added to the blocklist some time ago but the bug wasn't closed. This plugin is currently blocked in all versions.
Assignee: nobody → morgamic
Status: NEW → RESOLVED
Closed: 14 years ago
Resolution: --- → FIXED
Whiteboard: mozilla.com
Updated•9 years ago
|
Product: addons.mozilla.org → Toolkit
You need to log in
before you can comment on or make changes to this bug.
Description
•