Read a little. Learn a lot. • Tightly-written news, views and stuff • Follow us on TwitterBe a Facebook FanTumble us!
 

Posted on October 17, 2009 | tags

 
 

Tech: Microsoft screwed over Firefox users with a sneaky update

  • While the vulnerability is in an IE component, there is an attack vector for Firefox users as well. The reason is that .NET Framework 3.5 SP1 installs a ‘Windows Presentation Foundation’ plug-in in Firefox.
  • Microsoft engineers on the company’s Security Research & Defense blog • Describing how a vulnerability which would usually only affect Internet Explorer users also affects IE users, too. The reason? Well, some genius thought it’d be awesome to stealthy foist a Microsoft-centric feature onto Firefox users without them asking – essentially bringing Firefox’s security quality down to the same level as IE. Way to go knuckleheads. • source