# Sneaky Microsoft plug-in puts Firefox users at risk



## tomdkat (May 6, 2006)

http://www.computerworld.com/s/article/9139459/Sneaky_Microsoft_plug_in_puts_Firefox_users_at_risk



> An add-on that Microsoft silently slipped into Mozilla's Firefox last February leaves the browser open to attack, Microsoft's security engineers acknowledged earlier this week.
> 
> One of the 13 security bulletins Microsoft released Tuesday affects not only Internet Explorer (IE), but also Firefox, thanks to a Microsoft-made plug-in pushed to Firefox users eight months ago in an update delivered via Windows Update.


Some have been getting a popup warning from Firefox indicating the Windows Foundation Add-on was disabled due to a security issue.

Here is a follow-up article:

http://www.pcworld.com/article/173877/mozilla_unblocks_microsoft_addon_for_firefox.html



> Mozilla has now unblocked a Microsoft add-on thought to pose a danger due to a software vulnerability, but a second add-on remains blocked, the organization said on Sunday.
> 
> Microsoft has confirmed that the .NET Framework Assistant add-on can't be used as a "mechanism" for exploiting a vulnerability in Internet Explorer (IE), wrote Mike Shaver, Mozilla's vice president of engineering, on Sunday. The add-on enables what's called "ClickOnce" support, a Microsoft technology for application deployment.


Peace...


----------



## Stoner (Oct 26, 2002)

I got the warning that the Windows Foundation Add-on was disabled, but it was never in my list of add-ons before or after the block.
Is that normal?


----------



## hewee (Oct 26, 2001)

I did not get any thing put back.
I did away with all these long ago and again in June I think and thought it was back again after the MS update last week but it was not.


----------



## tomdkat (May 6, 2006)

Stoner said:


> I got the warning that the Windows Foundation Add-on was disabled, but it was never in my list of add-ons before or after the block.
> Is that normal?


It won't appear in the "Extensions" list in the add-ons window but in the "Plug-ins" list. I experienced the same thing and I believe that's normal.

Peace...


----------



## Stoner (Oct 26, 2002)

Thanks .......yep....that's where it was.


----------



## skyhigh007 (Jun 17, 2004)

I just got the pop up yesterday! So can we sue Microsoft? All my personal information are hacked?


----------



## hewee (Oct 26, 2001)

This is what I did to clear things up the first time back in Feb, 2009 and then I think June when it came back but the Net Framework Assistant had a uninstall that time.

http://cordobo.com/878-uninstall-microsoft-net-framework-assistent/

Now the file in the registry was not in the very same place but another Mozilla\Firefox\ just above or under the one list but it is easy to find because of the name "{20a82645-c095-46ed-80e3-08825760534b}" and "@microsoft.com/WPF,version=3.5".

You can do a system backup and or highlight the key above and export it before deleting.


----------

