May 29, 2009, 11:55AM
Microsoft sneaks Firefox add-on without user knowledge
Comment 
A routine security update for a Microsoft Windows component installed on tens of millions of computers has quietly installed an extra add-on for an untold number of users surfing the Web with Mozilla's Firefox Web browser, according to a report [washingtonpost.com] by Brian Krebs
The Firefox add-on was silently added to Firefox when users downloaded a service pack for the Microsoft .NET Framework. Annoyances.org explains why this is a security problem:
This update adds to Firefox one of the most dangerous vulnerabilities present in all versions of Internet Explorer: the ability for websites to easily and quietly install software on your PC. Since this design flaw is one of the reasons you may've originally choosen to abandon IE in favor of a safer browser like Firefox, you may wish to remove this extension with all due haste.
Here are the removal instructions to get rid of Microsoft's sneaky extension.
nCircle's Tyler Reguly warns that this means that Microsoft is now enabling drive-by downloads in Firefox.
Recommended Reads
Commenting on this Article is closed.
Today's Most Popular
Most Commented Stories
-
UPDATE: Looking For a 'FireSheep' Moment, Researchers Lay Bare Woeful SCADA Security (16)
-
Video: New Banking Trojan Caught Breaking CAPTCHA (4)
-
Apple Ships Huge Set of Patches for OS X (3)
-
Update: Verisign Admits To Security Breaches in 2010 (3)
-
Report Warns of Woeful Readiness For Cyber Attacks Globally (2)
Newsletter Sign-up
Take Our Poll
Follow Threatpost
 |  |  |  |
| Tumblr |
