As the ZDNet article said, ” Well, the code in that add-on has a serious code execution vulnerability that exposes Firefox users to the “browse and you’re owned” attacks that are typically used in drive-by malware downloads.”
Due to the normal vulnerability lapses that Microsoft builds into their software I have accepted the need to do automatic updates when they send out the patches for the problem they created in the first place. I admit to a burning rage whenever they do an automatic update that isolates each computer on my network and I have to reconnect everything. I admit to the same rage when one of their updates negatively impacts another vendors software that I use regularly.
I found ie8 so astoundingly slow that I finally moved to FireFox just to be able to surf the net without ie8’s plodding behavior. Imagine my surprise on reading the ZDnet article and discovering that Microsoft has secreted a plugin on my FireFox that increases my vulnerability to malware. I guess surprise isn’t accurate, perhaps resigned to BigBrother hosing me again is more appropriate. Now that I have vented my spleen I can move to the fix for the Microsoft intrusion into the security of my FireFox.
Again from ZDnet, “Now, Microsoft’s security folks are actually recommending that Firefox users uninstall the buggy add-on:
For Firefox users with .NET Framework 3.5 installed, you may use “Tools”-> “Add-ons” -> “Plugins”, select “Windows Presentation Foundation”, and click “Disable”.
I followed these instructions and disabled the Microsoft plugin. Once again, Microsoft has stepped into my home, crapped on my floor and leaves it to me to clean up the mess.
Comments