A vulnerability exists in the upgrade mechanism used by a number of high-profile Firefox extensions. These include Google Toolbar, Google Browser Sync, Yahoo Toolbar, Del.icio.us Extension, Facebook Toolbar, AOL Toolbar, Ask.com Toolbar, LinkedIn Browser Toolbar, Netcraft Anti-Phishing Toolbar, PhishTank SiteChecker and a number of others, mainly commercial extensions.
The vulnerability is made possible through the use of a man-in-the-middle attack, a fairly old computer security technique. Essentially, an attacker must somehow convince your machine that he is really the update server for one or more of your extensions; the Firefox browser will then download and install the malicious update without alerting the user to the fact that anything is wrong. While Firefox does at least prompt the user when updates are available, some commercial extensions (including those made by Google) have disabled this, and thus silently update their extensions without giving the user any say in the matter.
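For a defender who wants to know which installed extensions have an update channel that an impersonated update server could abuse, the manifest is the place to look. The following script is an added example, not code from the advisory or from any of the named extension vendors. It assumes the classic `install.rdf` manifest layout that Firefox extensions of that era used, with `em:updateURL` naming the custom update server and `em:updateKey` indicating that update manifests are signed; an extension with no `updateURL` at all is treated here as using Mozilla's own add-ons site and therefore not flagged. The manifests at the bottom are constructed samples, not real extensions.

```python
"""Audit Firefox extension install.rdf manifests for update channels that an
impersonated update server could tamper with (defender-side check)."""
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

# Namespaces used by the classic install.rdf manifest format.
RDF_NS = "http://www.w3.org/1999/02/22-rdf-syntax-ns#"
EM_NS = "http://www.mozilla.org/2004/em-rdf#"


def audit_install_rdf(manifest_xml: str) -> dict:
    """Classify how an extension fetches updates and whether a man-in-the-middle
    could substitute the update without Firefox noticing."""
    root = ET.fromstring(manifest_xml)
    desc = root.find(f"{{{RDF_NS}}}Description")
    if desc is None:
        raise ValueError("no rdf:Description element in install manifest")

    def field(name: str):
        # findtext() returns None when absent and "" when present but empty.
        value = desc.findtext(f"{{{EM_NS}}}{name}")
        return value.strip() if value else None

    ext_id = field("id")
    update_url = field("updateURL")
    update_key = field("updateKey")

    if update_url is None:
        # Assumption: no custom server means Firefox asks addons.mozilla.org,
        # so the extension is not the one choosing a weak channel.
        verdict = "ok-default-server"
    else:
        scheme = urlparse(update_url).scheme.lower()
        if scheme == "https":
            verdict = "ok-https"          # server is authenticated by TLS
        elif update_key:
            verdict = "ok-signed-manifest"  # update.rdf is signature-checked
        else:
            verdict = "mitm-exposed"      # plain HTTP and no signature check

    return {
        "id": ext_id,
        "update_url": update_url,
        "signed": update_key is not None,
        "verdict": verdict,
    }


def exposed_extensions(manifests) -> list:
    """Return the ids of every manifest whose update channel is unprotected."""
    return [
        result["id"]
        for result in map(audit_install_rdf, manifests)
        if result["verdict"] == "mitm-exposed"
    ]


def _manifest(ext_id: str, extra: str) -> str:
    # Helper that builds a constructed sample manifest for the demo below.
    return f"""<?xml version="1.0"?>
<RDF xmlns="{RDF_NS}" xmlns:em="{EM_NS}">
  <Description about="urn:mozilla:install-manifest">
    <em:id>{ext_id}</em:id>
    <em:version>1.0</em:version>
    {extra}
  </Description>
</RDF>"""


# Constructed sample manifests (hypothetical extension ids and hosts).
UNPROTECTED = _manifest(
    "toolbar@example.invalid",
    "<em:updateURL>http://updates.example.invalid/update.rdf</em:updateURL>")
HTTPS_PROTECTED = _manifest(
    "sync@example.invalid",
    "<em:updateURL>https://updates.example.invalid/update.rdf</em:updateURL>")
SIGNED = _manifest(
    "checker@example.invalid",
    "<em:updateURL>http://updates.example.invalid/update.rdf</em:updateURL>"
    "<em:updateKey>MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC-placeholder</em:updateKey>")
DEFAULT_SERVER = _manifest("plain@example.invalid", "")

if __name__ == "__main__":
    for manifest in (UNPROTECTED, HTTPS_PROTECTED, SIGNED, DEFAULT_SERVER):
        print(audit_install_rdf(manifest))
    print("exposed:", exposed_extensions(
        [UNPROTECTED, HTTPS_PROTECTED, SIGNED, DEFAULT_SERVER]))
```

Running the audit over every `install.rdf` under a Firefox profile's extensions directory gives a quick inventory of which add-ons would need either an HTTPS update URL or a signed update manifest before the silent-update behaviour described above stops being a risk.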