![]() Later last Tuesday, Microsoft expanded on MS09-054 in a blog post by security engineers, and confirmed that Firefox was affected because of the add-on and plug-in. ![]() However, the MS09-054 bulletin, which provided details on the vulnerability, said nothing about Firefox. Microsoft maintained that users who applied the patches it issued last week as part of a record-setting security update would protect Firefox users from attack. The same vulnerability also affected all versions of Internet Explorer (IE), including the newest version, IE8. Last week, Microsoft's security team acknowledged that its software - which had been silently installed in Firefox as far back as February 2009 - contained a critical vulnerability that could be used by hackers to hijack Windows PCs. Net Framework Assistant and the Windows Presentation Foundation. In May 2008, for example, Mozilla added a Vietnamese language pack for Firefox to the blocking list when the pack was found to contain a worm.Īccording to Shaver, Microsoft gave Mozilla the go-ahead to block the. Mozilla has used the tool only nine times, including Friday's blocking of the Microsoft add-on and plug-in. ![]() The open-source company first used the blocker in 2007. Mozilla maintains an add-on/plug-in blocking list that automatically bars risky software from being used by Firefox. "Because of the difficulties some users have had entirely removing the add-on, and because of the severity of the risk it represents if not disabled, we contacted Microsoft today to indicate that we were looking to disable the extension and plug-in for all users via our blocklisting mechanism," Shaver said in an announcement posted Friday night to the company's security blog. The two-part Microsoft component - an add-on dubbed ".Net Framework Assistant" and a plug-in named "Windows Presentation Foundation" - have been blocked by Mozilla as a precautionary measure, said Mike Shaver, the company's head of engineering. Mike Shaver, Mozilla’s VP of Engineering, announced on his blog that they removed the Framework Assistant add-on from their blocklist since they have been informed by Microsoft that it is not a mechanism for exploiting the vulnerabilities as previously thought.Mozilla late Friday blocked the Microsoft-made software that had put Firefox users at risk from attack. Some time later, Microsoft releases an update that corrected that misstep and made it possible to uninstall the component without tampering with the registry. ![]() Initially, the de-installation of said components was possible only if one was willing to edit the Windows registry – a step not to be taken lightly by novices, as a mistake could lead to total incapacitation of the OS. The main reason Firefox users have complained about it is that the software was installed silently into Firefox without their knowledge or approval – through an update of. Microsoft admitted last week that the software posed a serious threat not only to Firefox users, but to IE users as well. The additional reason behind the blocking is that the users have had some difficulties with the removal of the add-on. NET Framework Assistant add-on and the Windows Presentation Foundation plug-in for Firefox dangerous enough to resort to such a measure.Īccording to Computer World, the two pieces of software were blocked on Friday (after notifying Microsoft of the intention), because they put users at risk of an attack through a remote code execution vulnerability. Although Mozilla uses it’s blocking list infrequently, it judged Microsoft’s new.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |