The use of plug-ins with Web browsers has been widespread for years, to enable users to (more or less) seamlessly access content in specialized formats (for example, Adobe’s PDF or Flash, QuickTime video). Since these plug-ins become, in effect, part of the browser program, they present a potential security risk as great as the browser itself.
The good folks at the Mozilla organization are offering a new service that allows Firefox users an easy way to check that the plugins that they have installed are up-to-date. Just visit the Plugin Check page, and you will get a list of your installed plug-ins, like this:
You’ll see that there are two plugins listed here (this is Firefox 3.5.3 running on Ubuntu Linux): Shockwave Flash, which is up to date, and Java, for which the checker at present has trouble confirming the version number (it is in fact up to date). For the Java plug-in, there is a ‘? Research‘ link, which does a pre-configured Google search to check for the latest version information.
Although this tool falls somewhat short of perfection, I think it will be improved over time as (I hope) plug-in developers supply a bit more information to Mozilla; and I think the folks at Mozilla are to be commended for taking steps to help their users stay safe.
Update, Friday, October 16, 11:07
Brian Krebs of the Washington Post has a post on the plugin checker at his “Security Fix” blog.