Linked by Thom Holwerda on Mon 1st Jun 2009 11:04 UTC, submitted by Rahul
.NET (dotGNU too) Microsoft is really making it hard not to distrust them, aren't they? We already talked about Mono and Moonlight this weekend, and now we're notified of something else. Apparently, the Microsoft .NET Framework 3.5 Service Pack 1, released earlier this year, installs a Firefox extension which could not be uninstalled easily (registry hacking was needed). To make matters worse, this extension came with a pretty big security hole (at least, that's what everyone says). A newer version of this extension has been pushed out in May, which can be uninstalled the proper way. As it turns out, Firefox apparently has a limitation in that extensions installed at the machine level (instead of the user level) cannot be uninstalled from within the extensions GUI.
Permalink for comment 366472
To read all comments associated with this story, please click here.
A Flawed But Useful Feature
by testman on Mon 1st Jun 2009 12:50 UTC
Member since:

I agree that it is admirable to see Microsoft recognising another major player in the browser market. A feature like this can be quite useful for deploying .Net software easily in much the same way as Java Web Start. It's unfortunate that the initial deployment was flawed, but at least this has been rectified now.

By the way—

I could not find any information on the security hole which would allow silent installs, so if anyone has any information on that, let us know.

Is it too much to ask to do some research first before submitting your stories? You shouldn't make claims like this and expect people to do the work to back up your statements for you.

Reply Score: 3