Written on October 17, 2009 at 11:26 am by Breaking News

Firefox Plugin Backfires on Microsoft

Filed under World News no comments

microWhile not good in the eyes of Microsoft to Google to install a plug-in Internet Explorer, an increase of the surface potential attack surface, when Microsoft do it to Firefox, is a different matter. Now a security hole was found in a plugin that Microsoft has been quietly installed in Firefox.
Set. NET Framework 3.5 SP1, Microsoft has been quietly installing a plug-in Windows Presentation Foundation that allows the integration of applications XAML (XML-based UI technology) in web pages, called XBAP (XAML Web App).
The exploit is drive-by, meaning that the victim only needs to be lured onto a web-page for the attack to be effective. The only safe thing to do until a patch is issued, is to open Firefox’s AddOn Manager and disable the WPF plugin.

Microsoft were caught earlier this year silently installing a “.NET Framework Assistant” plugin into Firefox, which could not initially be uninstalled. After some pressure from the press, Microsoft relented and provided an update to enable the uninstall button. That update then broke a number of other Firefox extensions.

The only thing that surprises me more, is that I’m not surprised that Microsoft could be this incompetent when it comes to the safety of all users of the web using Windows, regardless if they’re using IE or not.

  • Share/Bookmark
It's very calm over here, why not leave a comment?

Leave a Reply




  • Mom: Corey Haim’s Funeral Will Be Paid for by City of TorontoMom: Corey Haim’s Funeral Will Be Paid for by City of Toronto

    Though his best friend Corey Feldman said Corey Haim died with little money to his name, the late actor's funeral expenses... »

  • David Schwimmer Is Engaged!David Schwimmer Is Engaged!

    David Schwimmer and Zoe Buckman are more than just Friends: The couple have announced they'll soon be husband and... »

  • IRL RacingIRL Racing

    IRL Racing : British Prime Minister Tony Kanaan (No. 11 Team 7 – Ten, the second-fastest): “I am very happy with the... »

  • Florida LotteryFlorida Lottery

    Florida Lottery : No one hit it big on the night of Wednesday in the Florida Lotto or Powerball drawings at several, but the 5... »

  • Rani Mukherjee Hot VideosRani Mukherjee Hot Videos

    Rani Mukherjee Hot Videos : Welcome to the image pattern blog. One of the best unseen code pattern images. Dezi entertainment... »

  • Atomic clockAtomic clock

    Daylight Savings Time 2010 Got You a Little Confused? Thankfully, There are Plenty of Sites That Can Help You Find The Correct... »

  • Official timeOfficial time

    Every year during spring the clocks move forward and during fall the clocks revert back to Standard Time and this year the... »

  • Ipl live streaming cricketIpl live streaming cricket

    Watch IPL Cricket live streaming on Youtube!!! BCCI and Google have teamed up to provide you with the live telecast of IPL on... »

  • Pi day jokesPi day jokes

    Thank Goodness It's Pi Day! Celebrate With Irrational Exuberance March 14th is Pi Day, and that's official! This tradition... »

  • Jack Neo Sex ScandalJack Neo Sex Scandal

    Jack Neo Sex Scandal:-That’s the entire press conference. It ended in 3 minutes. I guess the press conference is necessary to... »