Mozilla blocks McAfee Firefox extension, citing "explosive crashes"
Mozilla's new rapid-release schedule for Firefox is playing havoc with security software companies. A McAfee add-on has been blocked because of crashes with recent Firefox releases, and Norton has had to issue multiple compatibility updates.
Mozilla has taken the rare step of blacklisting a McAfee extension for the Firefox browser.
The Firefox add-ons page for McAfee ScriptScan displays a large red X and notes that the add-on "causes a high volume of crashes."
Mozilla's advisory says, "Users are strongly encouraged to disable the problematic add-on or plugin, but may choose to continue using it if they accept the risks described."
The bug report for the issue goes into greater detail. The report is titled "Blocklist McAfee ScriptScan for Firefox and McAfee SiteAdvisor due to explosive crashes," and it notes that two separate bugs highly correlated with the two add-ons caused 3,432 and 6,691 crashes in the week ending September 28. The issues reportedly affect users of Firefox 6.0.2 and the just-released Firefox 7.
A comment in the bug report, dated September 28, suggests that the problem is even worse than those numbers would suggest:
We had 1555 processed crashes on 6.* yesterday, with the 10% throttling rate, this means that roughly 15,000 crashes happened during a single day with this signature!
The list of blocked add-ons includes an entry for McAfee SiteAdvisor from last March. Three Microsoft products, including the Bing Bar, were blocked in October 2010 at Microsoft's request, to address security issues.
This isn't the first time that McAfee's add-on has been flagged for performance or reliability issues. An IBM TechNote from 2008 reports that an earlier version of ScriptScan "causes a four to seven seconds delay in rendering pages" from IBM's WebSphere application. In that case, according to IBM, McAfee acknowledged the performance issues with the tool.
A support thread at Mcafee.com acknowledges the current issue and says "McAfee is aware of it, has a bug filed and is working with Mozilla to address the problem."
This sort of incompatibility isn't surprising. Mozilla's decision to shift to a rapid-release schedule plays havoc with the makers of browser add-ons. On October 1, Symantec updated its Norton Toolbar and Norton Vulnerability Protection add-ons for Firefox. That followed a "minor product update" on September 20. A separate support note advised "This patch is necessary to prepare your Norton 2012 Product for the upcoming Firefox 7 compatibility update that we will release to Norton Products at a future date?." The Firefox 7.0 Compatibility Patch was released on September 27.