[LINK] Microsoft exposes Firefox users to drive-by malware downloads

Bernard Robertson-Dunn brd at iimetro.com.au
Mon Oct 19 06:02:27 AEDT 2009


http://blogs.zdnet.com/security/?p=4614&tag=nl.e589

Now, Microsoft’s security folks are actually recommending that Firefox 
users uninstall the buggy add-on:

For Firefox users with .NET Framework 3.5 installed, you may use
“Tools”-> “Add-ons” -> “Plugins”, select “Windows Presentation
Foundation”, and click “Disable”.

This introduction of vulnerabilities in a competing browser is a 
colossal embarrassment for Microsoft. At the time of the surreptitious 
installs, there were prescient warnings 
<http://www.annoyances.org/exec/show/article08-600> from many in the 
community about the security implications 
<http://blog.ncircle.com/blogs/vert/archives/2009/05/microsoft_enables_driveby_down.html> 
of introducing new code into browsers without the knowledge — and 
consent — of end users.


-- 
 
Regards
brd

Bernard Robertson-Dunn
Canberra Australia
brd at iimetro.com.au




More information about the Link mailing list