Everyone who downloaded the most recent Vietnamese language pack since February 18, 2008 got an infected copy. While we cannot determine the exact number of compromised downloads, there have been 16,667 total downloads of the Vietnamese language pack since November 2007, so we anticipate the impact on users to be limited.
Mozilla does virus scans at upload time but the virus scanner did not catch this issue until several months after the upload. We are also adding after-the-fact scans of everything to address this sort of case in the future.
/me wonder what virus scanner they are using. And what is the name of the risk name flagged *now* by their antivirus scanner. Time for Mozilla guys to upload their installer or other files to Virustotal to see if any of the 32 malware scanners will flag anything <G>