Most Popular Stories
Events
- Intelligent Content 2010
February 25-26 — Palm Springs, CA - Comptel PLUS
Mar 14-17, 2010 - Healthcare IT Institute
May 2nd-4th — Atlanta, GA - AIIM Expo + Conference
April 20-22, 2010 — Philadelphia, PA
Sponsored Links
HOT TOPICS >> Solid State Drives | IT Security | Open Source | ARM Processors | Google Chrome 4
INDUSTRY >> Healthcare | Government | Financial Services | Biotech | Compliance
Free Newsletter
Latest News
Popular Topics
Whitepapers
Microsoft plug-in for Firefox patched
Hidden in the record-breaking batch of security bulletins released by Microsoft earlier this week was one that addressed a vulnerability not in Microsoft's own product, but that of the rival Firefox browser from Mozilla. To put it bluntly, the critical bug that opened Firefox users to a critical risk is the result of Microsoft quietly pushing out an update via Windows Update eight months back.
The affected component would be the "Windows Presentation Foundation plug-in in Firefox" which typically comes via the .NET Framework 3.5 SP1. The problem is that this plug-in can be installed without the user's approval, according to Susan Bradley, a contributor to the Windows Secrets newsletter.
The danger is real, and Firefox users with the vulnerable plug-in only need to visit a rigged site to get compromised.
In addition, reports indicate that the original version of the plug-in was next to impossible to remove. This is because the "Uninstall" and "Disable" buttons for this particular plug-in are disabled by default, and removing them is complicated. The inability to easily uninstall it was later rectified in a May update.
While the latest update should resolve the issue, I would personally advocate removing the plug-in from computers you own or manage. Do a quick check of your Firefox; do you have this plug-in installed?
For more on this story:
- check out this article at Computerworld
Related Articles:
Is it only a myth that Firefox is more secure?
Mozilla plugs 13 holes in Firefox
Mega Patch Tuesday coming next week
Related Stories
- Microsoft to release five critical updates today
- Six security patches in November, says Microsoft
- Browser flaw hits IE and Firefox
- Oracle releases over 60 security patches
- Microsoft mulls releasing security betas
- Mozilla adds vulnerable Microsoft plug-in to block list
- ALSO NOTED: First look: Vista SP1; Mozilla patches Firefox vulnerability;
- Lead on other browsers narrows for Internet Explorer
- Serious flaw discovered in Microsoft IIS
- Microsoft plans out-of-band patch this Tuesday
Comments
Post new comment
Home
| Subscribe | Advertise | RSS |
Privacy
| Site MapTHE FIERCEMARKETS NETWORKFierceFinance | FierceFinanceIT | FierceComplianceIT | FierceHealthcare | FierceHealthFinance | FierceHealthIT | Hospital Impact | FierceMobileHealthcare | FierceCIO | FierceCIO:TechWatch | FierceContentManagement | FierceMobileIT | FierceGovernmentIT | FierceBiotech | FierceBiotech Research | FiercePharma | FierceVaccines | FierceBiotechIT | FiercePharma Manufacturing | FierceIPTV | FierceOnlineVideo | FierceTelecom | FierceVoIP | FierceBroadbandWireless | FierceDeveloper | FierceMobileContent | FierceWireless | FierceWireless:Europe© 2009 FierceMarkets, Inc. All rights reserved. |
![]() |






