Mozilla has introduced a new feature for Firefox add-on developers that allows them to quickly revert to a previously approved version and fix critical issues in situations where fixing and revalidating the extension would take too long.
The new logic allows users to make a recent update unavailable for installation, and if automatic updates are enabled, the browser will automatically roll back the extension to the previous build within 24 hours for users who have already installed the affected version.
Rollbacks are performed by republishing the old build with a new release number and distributing it via the Developer Hub or the Add-on Submission API, as explained by Mozilla. For add-ons hosted on addons[.]mozilla[.]org , rollbacks require at least two approved builds—you can revert to the previous build before the current one.
For self-distribution, restrictions are more flexible: rolling back to any previously approved version is allowed . In the control panel, next to the “Upload a new version” button, there is a “Roll back to a previous version” option, which initiates the rollback.
This new feature doesn’t eliminate the need for careful release review and moderation, but it does provide developers with a tool to quickly roll back and minimize the impact of failed builds. For users, this means a quicker return to a stable release and a reduced risk of long-term issues.
This summer, Mozilla strengthened the security of its add-ons portal by implementing mechanisms to block fraudulent extensions aimed at draining cryptocurrency wallets. Andreas Wagner, head of AMO’s content review and security team, reported that the platform has identified and removed hundreds of fraudulent add-ons in recent years, including numerous fake cryptocurrency wallets.
In July, Koi Security specialists detected over 40 fake extensions, and another 150 in August . The malicious extensions disguised themselves as popular cryptocurrency wallets, including Coinbase, Meta Mask, Trust Wallet, Phantom, Exodus, OKX, Keplr, and MyMonero.
Follow us on Google News to receive daily updates on cybersecurity. Contact us if you would like to report news, insights or content for publication.
