NoScript, WOT and other popular Firefox add-ons open to attack
NoScript, WOT and other popular Firefox add-ons open millions to new attack
Unlike many browsers, Firefox doesn't always isolate an add-on’s functions.
NoScript, Firebug, and other popular Firefox add-on extensions [including WOT] are opening millions of end users to a new type of attack that can surreptitiously execute malicious code and steal sensitive data, a team of researchers reported.
The attack is made possible by a lack of isolation in Firefox among various add-ons installed by an end user.
Windows 10 Pro (64-bit), Panda DOME 18.7.4, MBAM4 Pro, Windows Firewall, OpenDNS Family Shield, SpywareBlaster, MVPS HOSTS file, MBAE Premium, MCShield, WinPatrol PLUS, SAS (on-demand scanner), Zemana AntiLogger Free, Microsoft EDGE, Firefox, Pale Moon, uBlock Origin, CryptoPrevent.
[I believe computer-users who sandbox (Sandboxie) are acting prudently.]