microsoft hacking firefox??

the_ultimate_evil

CURSE YOU GIN MONKEY.
Joined
Jul 27, 2001
Messages
22,773
Reaction score
47
Points
58
Sneaky Microsoft plug-in puts Firefox users at risk
Patches critical bug, exploitable because of add-on silently slipped into Firefox last February
By Gregg Keizer
October 16, 2009 06:02 AM ET


Computerworld - An add-on that Microsoft silently slipped into Mozilla's Firefox last February leaves the browser open to attack, Microsoft's security engineers acknowledged earlier this week.

One of the 13 security bulletins Microsoft released Tuesday affects not only Internet Explorer (IE), but also Firefox, thanks to a Microsoft-made plug-in pushed to Firefox users eight months ago in an update delivered via Windows Update.

"While the vulnerability is in an IE component, there is an attack vector for Firefox users as well," admitted Microsoft engineers in a post to the company's Security Research & Defense blog on Tuesday. "The reason is that .NET Framework 3.5 SP1 installs a 'Windows Presentation Foundation' plug-in in Firefox."

The Microsoft engineers described the possible threat as a "browse-and-get-owned" situation that only requires attackers to lure Firefox users to a rigged Web site.

Numerous users and experts complained when Microsoft pushed the .NET Framework 3.5 Service Pack 1 (SP1) update to users last February, including Susan Bradley, a contributor to the popular Windows Secrets newsletter.

"The .NET Framework Assistant [the name of the add-on slipped into Firefox] that results can be installed inside Firefox without your approval," Bradley noted in a Feb. 12 story. "Although it was first installed with Microsoft's Visual Studio development program, I've seen this .NET component added to Firefox as part of the .NET Family patch."

What was particularly galling to users was that once installed, the .NET add-on was virtually impossible to remove from Firefox. The usual "Disable" and "Uninstall" buttons in Firefox's add-on list were grayed out on all versions of Windows except Windows 7, leaving most users no alternative other than to root through the Windows registry, a potentially dangerous chore, since a misstep could cripple the PC. Several sites posted complicated directions on how to scrub the .NET add-on from Firefox, including Annoyances.org.

Annoyances also said the threat to Firefox users is serious. "This update adds to Firefox one of the most dangerous vulnerabilities present in all versions of Internet Explorer: the ability for Web sites to easily and quietly install software on your PC," said the hints and tips site. "Since this design flaw is one of the reasons [why] you may have originally chosen to abandon IE in favor of a safer browser like Firefox, you may wish to remove this extension with all due haste."

Specifically, the.NET plug-in switched on a Microsoft technology dubbed ClickOnce, which lets .NET apps automatically download and run inside other browsers.

Microsoft reacted to criticism about the method it used to install the Firefox add-on by issuing another update in early May that made it possible to uninstall or disable the .NET Framework Assistant. It did not, however, apologize to Firefox users for slipping the add-on into their browsers without their explicit permission -- as generally the procedure for Firefox add-ons or extensions.

This week, Microsoft did not revisit the origin of the .NET add-on, but simply told Firefox users that they should uninstall the component if they weren't able to deploy the patches provided in the MS09-054 update.

According to Microsoft, the vulnerability is "critical," and also can be exploited against users running any version of IE, including IE8.

http://www.computerworld.com/s/article/9139459/Sneaky_Microsoft_plug_in_puts_Firefox_users_at_risk


only just read about this, strangely enough yesterday FF said it was uninstalling some add ons to improve stability
 
Wow. So I found it, it was inactive, and I just uninstalled it.
 
This could explain some strange messages I've been getting lately. I found it and uninstalled with no issue.
 
Someone give us a "How to".


That way others can benefit from your expertise.


:doom: :doom: :doom:
 
My Firefox tried to eat my face yesterday. I talked it into just giving me a happy ending if I uninstalled the .net framework assistant and we parted on amicable terms.
 
F*** you Microsoft, first you make my 360 break, now you're trying to do it to my computer!?
 
only just read about this, strangely enough yesterday FF said it was uninstalling some add ons to improve stability
Yeah -- I noticed how some Microsoft addons weren't working and just the other day I got this Mozilla notice, telling me I should uninstall both Microsoft apps. Good :up:
 
Yeah i got that notice on my firefox yesterday.

Maybe if Microsoft invented a better browser in the first place everyone wouldn't have moved away from IE
 
I found the plugin in Firefox but it already said it was disabled for my protection. I'm still going to remove it completely though.
 
no wonder firefox kept locking up and not responding...safari it is then.
 
Yay for Macs!
 
Someone give us a "How to".


That way others can benefit from your expertise.


clear.gif
:doom: :doom: :doom:


:awesome:
 
Someone give us a "How to".


That way others can benefit from your expertise.


:doom: :doom: :doom:


First go to Start > Run > type regedit

then go to
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions


Delete the one subkey there {20a82645-c095-46ed-80e3-08825760534b}


Next open Firefox, type about:config

on the filter type general.useragent.extra.microsoftdotnet

right click that and reset. Then restart Firefox.


Then go to Start > Run and type

%SYSTEMDRIVE%\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\


Delete the folder DotNetAssistantExtension and everything inside it.

That should remove the add On from Firefox
 
Last edited:
oh and disable automatic updates so you don't get any more sneakies from Microsoft :D
 

Users who are viewing this thread

Staff online

Latest posts

Forum statistics

Threads
200,783
Messages
21,811,773
Members
45,626
Latest member
SunStorm333
Back
Top
monitoring_string = "afb8e5d7348ab9e99f73cba908f10802"