Free Republic
Browse · Search
Topics · Post Article

Skip to comments.

Sneaky Microsoft plug-in puts Firefox users at risk
COMPUTER ^ | October 16, 2009 | By Gregg Keizer

Posted on 10/20/2009 1:40:53 PM PDT by Cindy

Thanks to a special freepmailer for pointing to this article.


SNIPPET: "Computerworld - An add-on that Microsoft silently slipped into Mozilla's Firefox last February leaves the browser open to attack, Microsoft's security engineers acknowledged earlier this week.

One of the 13 security bulletins Microsoft released Tuesday affects not only Internet Explorer (IE), but also Firefox, thanks to a Microsoft-made plug-in pushed to Firefox users eight months ago in an update delivered via Windows Update.

"While the vulnerability is in an IE component, there is an attack vector for Firefox users as well," admitted Microsoft engineers in a post to the company's Security Research & Defense blog on Tuesday. "The reason is that .NET Framework 3.5 SP1 installs a 'Windows Presentation Foundation' plug-in in Firefox."

The Microsoft engineers described the possible threat as a "browse-and-get-owned" situation that only requires attackers to lure Firefox users to a rigged Web site."

(Excerpt) Read more at ...

TOPICS: Computers/Internet; Reference
KEYWORDS: firefox; internetexplorer; microsoft; mozilla
Navigation: use the links below to view more comments.
first previous 1-2021-23 last
To: BullDog108

on this step:

5. Open a new Firefox window, and in the address bar, type about:config and press Enter.

I get:

“the URL is not valid and cannot be loaded.

Anybody know what that’s about?

21 posted on 10/20/2009 4:26:16 PM PDT by Minn (Here is a realistic picture of the prophet: ----> ([: {()
[ Post Reply | Private Reply | To 10 | View Replies]

To: Minn
Make sure that you type in exactly about:config without spaces or http:
I followed these instructions, they worked for me.
22 posted on 10/20/2009 4:34:39 PM PDT by BullDog108 (A Smith & Wesson beats four aces)
[ Post Reply | Private Reply | To 21 | View Replies]

To: TheBattman
Nice - MS now engaged in Cyber-terrorism against its biggest browser competitor?

They are in a bit of a bind. If they don't release for Firefox extensions, they'll get accused of releasing Windows Updates only for IE users and hammered for that.

23 posted on 10/20/2009 9:53:52 PM PDT by Gondring (Paul Revere would have been flamed as a naysayer troll and told to go back to Boston.)
[ Post Reply | Private Reply | To 11 | View Replies]

Navigation: use the links below to view more comments.
first previous 1-2021-23 last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794 is powered by software copyright 2000-2008 John Robinson