Closed Bug 690184 Opened 8 years ago Closed 8 years ago

Blocklist McAfee ScriptScan for Firefox and McAfee SiteAdvisor due to explosive crashes

Categories

(Toolkit :: Blocklist Policy Requests, defect, critical)

x86
Windows 7
defect
Not set
critical

RESOLVED FIXED

People

(Reporter: marcia, Assigned: fligtar)

Details

(Whiteboard: [extension][softblock][3rd-party-bustage])

Bug 690139 - 3432 crashes in the last week.
Bug 688637 - 6691 crashes in the last week

Both crashes are highly correlated to:

99% (430/435) vs.   2% (2628/116041) {D19CA586-DD6C-4a0a-96F8-14644F340D60}
59% (256/435) vs.   4% (4235/116041) {4ED1F68A-5463-4931-9384-8FFF5ED91D92}

and are hitting 6.0.2 and 7 users.

KaiRo makes a good point in Bug 688637 Comment 3.

Umm, we should give an explicit version range for both the add-ons and the product versions on which to block them. As this is not a malicious thing by itself, I think we should softblock (i.e. allow users to enable again) and only block the actual range of versions that cause problems.

Yes, working on getting that now.

(In reply to Robert Kaiser (:kairo@mozilla.com) from comment #1)
> Umm, we should give an explicit version range for both the add-ons and the
> product versions on which to block them. As this is not a malicious thing by
> itself, I think we should softblock (i.e. allow users to enable again) and
> only block the actual range of versions that cause problems.
Just for historical purposes, last time we blocked Site Advisor we did it as a hardblock. See Bug 660111.

McAfee SiteAdvisor
Extension ID: {4ED1F68A-5463-4931-9384-8FFF5ED91D92}
Extension Version: <= 3.4.0
Firefox Version: >= 

McAfee Script Scan
Extension ID: {D19CA586-DD6C-4a0a-96F8-14644F340D60}
Extension Version: <= 14.4.0
Firefox Version: >= 

Regarding Firefox versions, these crashes happen across most major versions - I can roll up a list of all versions, unless we just want to block the highest volume versions.

https://community.mcafee.com/message/207139 has some screenshots of the extensions in action.

Across all Firefox versions should be OK if we have a max version of the add-on that's blocked, so they can release a fixed version easily.

I have installed the combination of Site Advisor and Script Scan (Total Protection Package) in the QA lab but have not yet been able to reproduce the crash.

McAfee is aware of the issue and we are working on refining the block criteria.

I've staged the block and it's ready for testing: https://wiki.mozilla.org/Blocklisting/Testing

https://addons-dev.allizom.org/blocklist/3/%7Bec8030f7-c20a-464f-9b0e-13a3a9e97384%7D/7.0/Firefox/20101228030339/Darwin_x86_64-gcc3-u-i386-x86_64/en-US/nightly/Darwin%2010.6.0/default/default/10/

<emItem  blockID="i48" id="{D19CA586-DD6C-4a0a-96F8-14644F340D60}">
    <versionRange  minVersion="0.1" maxVersion="14.4.0" severity="1"></versionRange>
</emItem>

Assignee: nobody → fligtar
Whiteboard: [extension][softblock][needs testing]

Looks good. I tested using the following versions on XP:

Mozilla/5.0 (Windows NT 5.1; rv:6.0) Gecko/20100101 Firefox/6.0

Mozilla/5.0 (Windows NT 5.1; rv:8.0) Gecko/20100101 Firefox/8.0

Mozilla/5.0 (Windows NT 5.1; rv:7.0.1) Gecko/20100101 Firefox/7.0.1

I also tested three different versions on a Windows 7 x64 machine and the blocklist was fine.

For the sake of completeness, here are the 3 Win 7 versions:

Mozilla/5.0 (Windows NT 6.1; WOW64; rv:9.0a2) Gecko/20110930 Firefox/9.0a2

Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1

Mozilla/5.0 (Windows NT 6.1; WOW64; rv:6.0.2) Gecko/20100101 Firefox/6.0.2

Thanks Marcia. I'll block this tomorrow morning in production (I try not to block on weekends when I may not be around to deal with any issues).

Whiteboard: [extension][softblock][needs testing] → [extension][softblock]

Blocked in prod: https://addons.mozilla.org/en-US/firefox/blocked/i42

Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → FIXED
Blocks: 688637

It looks like McAfee made a mistake with VirusScan Enterprise 8.8 Patch 1; their install.rdf for ScriptScan now contains:

    <em:id>{D19CA586-DD6C-4a0a-96F8-14644F340D60}</em:id>
    <em:type>2</em:type>
    <em:name>IDS_SS_NAME</em:name>
    <em:version>IDS_SS_VERSION</em:version>
    <em:creator>McAfee, Inc.</em:creator>

Which means, no version info. The Scriptff.dll file now has version 14.4.0.354 (or 14.4.0.375 if you have installed Hotfix 625756 - https://kc.mcafee.com/corporate/index?page=content&id=KB71083)

Is the blocklist looking at the install.rdf version or the dll version? Does the 8.8P1 version still cause crashes? More important, should this bug be reopened?
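
The comment above turns on which version string gets compared against the staged versionRange. As an added example (not part of the original bug and not Firefox's own version comparator), this simplified check ranks only dotted-numeric versions and runs the staged entry against the version strings mentioned in the comment; the function names, the `<blocklist>` wrapper and the status strings are assumptions made for the example.

```python
import re
import xml.etree.ElementTree as ET

SCRIPTSCAN_ID = "{D19CA586-DD6C-4a0a-96F8-14644F340D60}"

# The staged entry from this bug, wrapped in a root element (the wrapper is
# constructed here so the fragment parses on its own).
STAGED = """<blocklist>
<emItem blockID="i48" id="{D19CA586-DD6C-4a0a-96F8-14644F340D60}">
    <versionRange minVersion="0.1" maxVersion="14.4.0" severity="1"></versionRange>
</emItem>
</blocklist>"""

DOTTED = re.compile(r"\d+(\.\d+)*")

def parse_version(text):
    """Dotted-numeric version -> tuple of ints; anything else -> None."""
    if text is None or not DOTTED.fullmatch(text):
        return None
    parts = [int(p) for p in text.split(".")]
    while len(parts) > 1 and parts[-1] == 0:  # treat 14.4.0 and 14.4 as equal
        parts.pop()
    return tuple(parts)

def check_addon(blocklist_xml, addon_id, version):
    """Classify one add-on against emItem entries that carry a versionRange."""
    for item in ET.fromstring(blocklist_xml).iter("emItem"):
        if item.get("id") != addon_id:
            continue
        installed = parse_version(version)
        if installed is None:
            return "version unparseable"  # cannot be ranked; needs manual review
        for rng in item.iter("versionRange"):
            low = parse_version(rng.get("minVersion"))   # None = no lower bound
            high = parse_version(rng.get("maxVersion"))  # None = no upper bound
            if (low is None or installed >= low) and (high is None or installed <= high):
                return "in blocked range"
        return "outside blocked range"
    return "not listed"

def report():
    """Verdicts for the version strings mentioned in the comment above."""
    versions = ["14.4.0", "14.4.0.354", "14.4.0.375", "IDS_SS_VERSION"]
    return {v: check_addon(STAGED, SCRIPTSCAN_ID, v) for v in versions}

if __name__ == "__main__":
    for version, verdict in report().items():
        print(f"{version:16} {verdict}")
```

Under this simplified comparison the two DLL versions sort above maxVersion 14.4.0, and the unsubstituted IDS_SS_VERSION placeholder cannot be ranked at all, which is why the source of the compared version matters for this block.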
Whiteboard: [extension][softblock] → [extension][softblock][3rd-party-bustage]
Product: addons.mozilla.org → Toolkit

I am also facing the bug: my website is not getting redirected from http://www.windowsmoviemaker.xyz/ to https://www.windowsmoviemaker.xyz/
