"Remember that Microsoft .NET Framework Assistant add-on that Microsoft sneaked into Firefox without explicit permission from end users?
Well, the code in that add-on has a serious code execution vulnerability that exposes Firefox users to the “browse and you’re owned” attacks that are typically used in drive-by malware downloads."
..."The reason is that .NET Framework 3.5 SP1 installs a “Windows Presentation Foundation” plug-in in Firefox.
Now, Microsoft’s security folks are actually recommending that Firefox users uninstall the buggy add-on:
For Firefox users with .NET Framework 3.5 installed, you may use “Tools”-> “Add-ons” -> “Plugins”, select “Windows Presentation Foundation”, and click “Disable”.
This introduction of vulnerabilities in a competing browser is a colossal embarrassment for Microsoft. "
Article in full here!
Safe surfing and ...
cheers ...
Well, the code in that add-on has a serious code execution vulnerability that exposes Firefox users to the “browse and you’re owned” attacks that are typically used in drive-by malware downloads."
..."The reason is that .NET Framework 3.5 SP1 installs a “Windows Presentation Foundation” plug-in in Firefox.
Now, Microsoft’s security folks are actually recommending that Firefox users uninstall the buggy add-on:
For Firefox users with .NET Framework 3.5 installed, you may use “Tools”-> “Add-ons” -> “Plugins”, select “Windows Presentation Foundation”, and click “Disable”.
This introduction of vulnerabilities in a competing browser is a colossal embarrassment for Microsoft. "
Article in full here!
Safe surfing and ...
cheers ...
