Mozilla Will Let Rival Browsers Run Firefox Security Tool

Mozilla plans to let people running rivals’ browsers use Firefox’s new plug-in update service, company officials said today.

After a week of testing , Mozilla late Tuesday launched a Web-based service that checks for outdated Firefox plug-ins. The service, which relies on a Web page users must steer to manually, is part of the company’s effort to prod people into upgrading potentially-vulnerable add-ons, such as Adobe Flash Player, which have become a major target for attackers.

The check scans for installed plug-ins, identifies those for which updates are available and provides a link to the vendor’s download site.

Although the service currently works only in Firefox , a pair of Mozilla managers said that the company wants to open the plug-in check to other browsers.

“Right now, this page only works with Firefox, but we care about all of you and we’re working to support those of you on other browsers as well,” said Asa Dotzler , Mozilla’s director of community development, in a post to his blog yesterday.

In fact, the service already detects plug-ins when the page is accessed by some browsers, such as Apple’s Safari, although it isn’t able to tell which plug-ins are outdated. However, other browsers, including Microsoft’s market-leading Internet Explorer (IE), can’t use the page: When IE8 reaches the check-in page, the message “No plugins were detected” appears.

Johnathan Nightingale, the manager of the Firefox front-end development team, declined an interview request Wednesday, but today confirmed Dotzler’s comment about future plans for the service.

“Right now, we’re focused on expanding our plug-in coverage and trying to bring greater consistency to the way this information is reported,” Nightingale said in an e-mail today. “Longer term, we’d like to make the page as universal as possible, both in terms of the plug-ins we check and the browsers people can use when they visit.”

According to another Mozilla blog , the plug-in checking service can also be called by any external site using a JavaScript API.

Mozilla has already promised to add more plug-in checking functionality to the next version of its browser. Firefox 3.6, which is slated to launch in beta next Wednesday, will warn users when they visit a Web site that relies on an outdated plug-in.

The plug-in check service detects more than a dozen different plug-ins, but isn’t always able to tell whether one is outdated. Adobe’s plug-in to render PDF documents within the browser, for example, was detected on a Computerworld system running Windows XP, but the checker said it couldn’t sniff out the version number.

Mozilla kicked off its campaign to eradicate out-of-date plug-ins last month, when it shipped a Firefox update that included detection for only Adobe Flash Player. Later, Mozilla said that the Flash check had prompted more than 10 million users to go to Adobe’s Web site to download the newest version of Flash.