• Warning: Illegal string offset 'name' in fierce_js_init() (line 6 of /mnt/www/html/fiercemarkets/docroot/sites/all/modules/custom/fierce_js/fierce_js.module).
  • Warning: Illegal string offset 'url' in fierce_plugins_site_footer_content_type_render() (line 151 of /mnt/www/html/fiercemarkets/docroot/sites/all/modules/fierce_plugins/plugins/content_types/site_footer/site_footer.inc).
  • Warning: Illegal string offset 'signup_url_footer' in fierce_plugins_site_footer_content_type_render() (line 152 of /mnt/www/html/fiercemarkets/docroot/sites/all/modules/fierce_plugins/plugins/content_types/site_footer/site_footer.inc).
  • Warning: Illegal string offset 'contact_url' in fierce_plugins_site_footer_content_type_render() (line 155 of /mnt/www/html/fiercemarkets/docroot/sites/all/modules/fierce_plugins/plugins/content_types/site_footer/site_footer.inc).
  • Warning: Illegal string offset 'mobile' in fierce_plugins_site_footer_content_type_render() (line 156 of /mnt/www/html/fiercemarkets/docroot/sites/all/modules/fierce_plugins/plugins/content_types/site_footer/site_footer.inc).
  • Warning: Illegal string offset 'url' in fierce_plugins_site_footer_content_type_render() (line 157 of /mnt/www/html/fiercemarkets/docroot/sites/all/modules/fierce_plugins/plugins/content_types/site_footer/site_footer.inc).
  • Warning: Illegal string offset 'url' in fierce_plugins_site_footer_content_type_render() (line 159 of /mnt/www/html/fiercemarkets/docroot/sites/all/modules/fierce_plugins/plugins/content_types/site_footer/site_footer.inc).
  • Warning: Illegal string offset 'jazd' in fierce_plugins_jazd_hottest_products_content_type_render() (line 32 of /mnt/www/html/fiercemarkets/docroot/sites/all/modules/fierce_plugins/plugins/content_types/jazd_hottest_products/jazd_hottest_products.inc).

Microsoft plug-in for Firefox patched

Tools

Hidden in the record-breaking batch of security bulletins released by Microsoft earlier this week was one that addressed a vulnerability not in Microsoft's own product, but that of the rival Firefox browser from Mozilla. To put it bluntly, the critical bug that opened Firefox users to a critical risk is the result of Microsoft quietly pushing out an update via Windows Update eight months back.

The affected component would be the "Windows Presentation Foundation plug-in in Firefox" which typically comes via the .NET Framework 3.5 SP1. The problem is that this plug-in can be installed without the user's approval, according to Susan Bradley, a contributor to the Windows Secrets newsletter.

The danger is real, and Firefox users with the vulnerable plug-in only need to visit a rigged site to get compromised.

In addition, reports indicate that the original version of the plug-in was next to impossible to remove. This is because the "Uninstall" and "Disable" buttons for this particular plug-in are disabled by default, and removing them is complicated. The inability to easily uninstall it was later rectified in a May update.

While the latest update should resolve the issue, I would personally advocate removing the plug-in from computers you own or manage. Do a quick check of your Firefox; do you have this plug-in installed?

For more on this story:
- check out this article at Computerworld

Related Articles:
Is it only a myth that Firefox is more secure?
Mozilla plugs 13 holes in Firefox
Mega Patch Tuesday coming next week