BleepingComputer.com: Sneaky Microsoft plug-in puts Firefox users at risk

Quote

Quote

Mozilla added the addon to their default blocklist.

Sources:
http://www.computerworld.com/s/article/913...x_users_at_risk
http://blogs.zdnet.com/security/?p=4614&am...g=trunk;content
https://www.mozilla.com/en-US/blocklist/

To add to what AA posted:

Mozilla now has a site you can check your plugins for security updates. Just click and it is pretty darn fast.
http://www.mozilla.com/en-US/plugincheck/


And This:
To protect users who may not have installed Microsoft's patch, Mozilla is automatically blocking two add-ons: the Microsoft .Net Framework Assistant and a related plugin called the Windows Presentation Foundation. The open-source browser started blocking the software late Friday night.

"Because of the difficulties some users have had entirely removing the add-on, and because of the severity of the risk it represents if not disabled, we contacted Microsoft today to indicate that we were looking to disable the extension and plugin for all users via our blocklisting mechanism," wrote Mozilla Vice President of Engineering Mike Shaver in a blog posting. "Microsoft agreed with the plan, and we put the blocklist entry live immediately."

Buggy plugins are a growing problem, as cyber criminals have increasingly leveraged flaws in products such as Adobe Flash Player and QuickTime to launch browser-based attacks. Earlier this week, Mozilla launched a Plugin Check site where Firefox users can see if their plugins are up-to-date.

Idiot Microsoft....were they given permission to put that plug-in into the Firefox Browser? Kinda sounds fishy to me in the fact that there was a problem with it in the first place.

scff249, on Oct 17 2009, 01:05 PM, said:

No. No permission is requested. It's installed automatically when you update the .Net Framework runtime.

I wonder why it was blocked if MS patched it which they did on 14-10-09 this tuesday. Though that was a .NET patch and I seem to have WPF which I know is connected to .NET but I do not seem to have the .NET itself.

samuel3... Windows Genuine Advantage? Really?

.NET framework assistant was added to blocklist a long time ago. But after updating Windows with MS hotfixes released on 14th October, Firefox warned about the WPF plugin and disabled it.

See Firefox addons blocklist : https://www.mozilla.com/en-US/blocklist/

I don't have the .NET ext anymore just the WPF, I presumed .NET had changed into WPF I must have been wrong but I never uninstalled it maybe its a vista thing?

Amazing Andrew, on Oct 18 2009, 03:02 AM, said:

What about it?

I don't even know what it is lol.

Explain please.

EDIT: If i can no longer use it and its no use - How do i remove it?

Samuel3---see info in link below.
http://www.tipandtrick.net/2008/how-to-uni...checkplugindll/

Ok.. thanks what was it anyway?

And how do i delete the disabled ones in there that are greyed out? I don't need them anymore?

Bumping. Anyone know from my question above?

Bumping.

Dam, anyone???

Quote

What about it?


Explain please.