Sneaky Microsoft plug-in puts Firefox users at risk

News Sneaky Microsoft plug-in puts Firefox users at risk Patches critical bug, exploitable because of add-on silently slipped into Firefox last February By Gregg Keizer October 16, 2009 06:02 AM ET 2 Comments Computerworld - An add-on that Microsoft silently slipped into Mozilla's Firefox last February leaves the browser open to attack, Microsoft's security engineers acknowledged earlier this week. One of the 13 security bulletins Microsoft released Tuesday affects not only Internet Explorer (IE), but also Firefox, thanks to a Microsoft-made plug-in pushed to Firefox users eight months ago in an update delivered via Windows Update. "While the vulnerability is in an IE component, there is an attack vector for Firefox users as well," admitted Microsoft engineers in a post to the company's Security Research & Defense blog on Tuesday. "The reason is that .NET Framework 3.5 SP1 installs a 'Windows Presentation Foundation' plug-in in Firefox." The Microsoft engineers described the possible threat as a "browse-and-get-owned" situation that only requires attackers to lure Firefox users to a rigged Web site.

computer world Sneaky Microsoft plug-in puts Firefox users at risk

go figure check your plugins and get rid of it can't do nothing without them sneaking something in on you
and below is how to get rid of it

Tech Forums How To Uninstall Windows Presentation Foundation Plugin In Firefox

Originally posted by WeAreNothingWithoutGOD
By Gregg Keizer October 16, 2009 06:02 AM

You do realise that this is from slightly more than 2 years ago?
Dont you?

reply to post by alfa1


It might be old but to someone like me who's not a techie, this is good info.
I didn't know, I had it in my addons, just disabled it.

So thank you OP.

Not a bad topic at all.

Firefox released the 7.0.1, which is, in my opinion , total crap.

Much better than IExplorer. Microsoft doesn't choose those names for nothing, with IExplorer they can " Explore my life " and with windows they have a " window on my privacy "

Windows presentation Foundation 3.5.30729.1 ( a part a .NET Framework 3.5 ) is still present and installed as a Firefox plug-in, as well, the security issue for non up to date .NET 3.5.

Get the SP1 and all the patchs for the 3.5 and then disable it in firefox as a plug-in.

Since the 6.x.x releases it seem Mozilla don't care so much like before about stability, performance and security.

also, release 7.0.1 still not corrected the memory usage issue.

According to Task Manager Firefox use 689 Mb of memory right now with 5 tabs open. Normally it crashe when it hit 1.2 - 1.5 GB of memory.

.

reply to post by B3lz3buth


I'm using FF 7.01. It doesn't have the WPF3 plug-in. But it does use about 100-141 megs per tab it seems. Still. I'd rather be using FF than IE or Chrome.

At the same time. Mozilla is starting to worry me a little. I'm wondering if down the road I'm going to have no choice but to switch browsers.

reply to post by Klassified


FF 7.0.1 doesn't come with WPF 3.5

.NET Framework 3.5 must be installed

Btw, one of the add-ons i use for privacy its a must : Ghostery 2.6.0.1

LINK

Ghostery sees the "invisible" web, detecting trackers, web bugs, pixels, and beacons placed on web pages by Facebook, Google Analytics, and over 600 other ad networks, behavioral data providers, web publishers - all companies interested in your activity.

Actually there are 6 of them on that ATS page you reading right now


List of all security / privacy add-ons i use with FF

NoScript
Adblock Plus
Adblock Plus pop-up Addon
BetterPrivacy
Ghostery
Beef Taco ( targeted advertising cookies opt-out )
PrivacyChoice TrackerBlock
Redirect remover

BUT NO MATTER how much add-on, anti-anythings and care you take ALWAYS assume that everything you do online is NOT PRIVATE ANYMORE.

.

reply to post by B3lz3buth


I have 3.5 installed. Ghostery is a good little program. It has to be configured not to block ATS ads though, or it's against the T&C. Which of course you are already aware of since you've been here since 2008.

There's a few on your list I'm not familiar with though. Thanks for the tips.

BUT NO MATTER how much add-on, anti-anythings and care you take ALWAYS assume that everything you do online is NOT PRIVATE ANYMORE.

How true. But most folks are oblivious to this. Good post.

reply to post by Dr Cosma

your welcome and me too thats why I put it up here had the same problem and found a solution

reply to post by B3lz3buth

it was on mine last night and now it's gone since I found this article

I use firefox.
when it down graded from 3.6
to 4 it did not work!
they have kept down grading
now it is 7 ?
they must have let microsoft take over.

reply to post by Dr Cosma

I recommend anyone who found this on their plugin list to get Comodo Cleaning Essentials portable scanner
and run a scan I've been fighting to remove a hacker for a long time and so after I removed this I ran a scan and found a rootkit might not be the same for you but I'm curious

see links below for usage and free download
Introduction to Comodo Cleaning Essentials

Comodo Cleaning Essentials

reply to post by B3lz3buth


Don't know how you have your Firefox 7.0.1 set up but with 15 tabs open (all different sites) mine is staying around 310MB used. And it is perfectly stable. What is the memory usage with only one tab open?

Current Version Plugin Windows Presentation Foundation is a plugin of Firefox and it has been distributed through a WPF program that is the windows presentation foundation. It is an another amazing plugin for Firefox that magnify your video presentation quality.The windows presentation framework is updated and advanced version of the