Linked by Thom Holwerda on Mon 1st Jun 2009 11:04 UTC, submitted by Rahul
.NET (dotGNU too) Microsoft is really making it hard not to distrust them, aren't they? We already talked about Mono and Moonlight this weekend, and now we're notified of something else. Apparently, the Microsoft .NET Framework 3.5 Service Pack 1, released earlier this year, installs a Firefox extension which could not be uninstalled easily (registry hacking was needed). To make matters worse, this extension came with a pretty big security hole (at least, that's what everyone says). A newer version of this extension has been pushed out in May, which can be uninstalled the proper way. As it turns out, Firefox apparently has a limitation in that extensions installed at the machine level (instead of the user level) cannot be uninstalled from within the extensions GUI.
Thread beginning with comment 366499
To view parent comment, click here.
To read all comments associated with this story, please click here.
gedmurphy
Member since:
2005-12-23

Malware attack?
How is this malicious software?

It's not Thom who needs to rethink his choice of words, it's you.

Reply Parent Score: 1

Liquidator Member since:
2007-03-04

The Linux community considers Microsoft software as malware.

Reply Parent Score: 3

Novan_Leon Member since:
2005-12-07

Those little rabid dogs, those Linux users ;)

Reply Parent Score: 1

Ikshaar Member since:
2005-07-14

Malware attack?
How is this malicious software?

It's not Thom who needs to rethink his choice of words, it's you.


ok call it software that install without user permission... but as they say.. the road to hell is paved with good intentions. It was not malicious per se but open the door to others.

I installed .NET but would have never agree to that extension (it happens that I saw it this morning - before this news and uninstall it right away)

Reply Parent Score: 1

WorknMan Member since:
2005-11-13

The real question is, why doesn't Firefox prevent this kind of behavior? I noticed that AVG was doing the same thing in order to install browser extensions (which slowed web surfing down to a crawl), which is one of the reasons I stopped using it.

The ONLY way you should be able to install extensions is through the browser itself. I'm not excusing the behavior of MS or anybody else who does this, but the fact that programs are able to do it in the first place is a security flaw in Firefox as far as I'm concerned.

Reply Parent Score: 1