Microsoft has acknowledged that they slipped the .NET Framework Assistant plugin into Firefox via Windows Update this past February, and that it has poked a “critical” hole in the browser’s security (effectively bringing Firefox down to IE’s level).
Microsoft has deemed the hole to be a “critical” security threat, as it gives webmasters the ability to quietly install software on your PC. Last May, Microsoft released an update that made it possible to uninstall the .NET framework. They also released a patch earlier this week that supposedly fixes the problem. The vulnerability can also be exploited on users running any version of Internet Explorer. Needless to say, Firefox and IE users should employ one of those solutions ASAP. [Computer World Image via rootshell.be]
apexwm
Thursday, October 22, 2009 at 4:03 AMMicrosoft should be embarrassed that somebody else had to come along and fix their work. Plus, the users should have been prompted to install the plugins. This is why I use Linux. I can run Firefox without this extra garbage being installed without my knowledge. With Windows, users will never have this freedom.