Is Microsoft Sabotaging Firefox With Sneaky .NET Updates?

Sabotage may be a strong choice of word, but it immediately came to mind with the news of Microsoft’s latest .NET update.

The Microsoft .NET Framework 3.5 Service Pack 1, unleashed in February, forces an undisclosed Firefox extension on Windows users, called “Microsoft .NET Framework Assistant 10″, and it does so without asking the users permission.

To add insult to injury, the extension not only injects a serious security vulnerability into Firefox (also present in Internet Explorer), but it disables the uninstall button, meaning the only way to get rid of it, is to edit the Windows registry - a course of action not recommended for your usual non-tech-savvy user, as dabbling in the dark arts of registry editing can open you up to a slew of problems, and potentially kill Windows altogether.

A report by annoyances.org ominously states..

“This update adds to Firefox one of the most dangerous vulnerabilities present in all versions of Internet Explorer: the ability for websites to easily and quietly install software on your PC. Since this design flaw is one of the reasons you may’ve originally choosen to abandon IE in favor of a safer browser like Firefox, you may wish to remove this extension with all due haste.”

The official purpose of the add-on is to add ‘One-Click’ support and the ability to report installed .NET framework versions to the web server, but it also allows websites to install software on a users PC without their knowledge. This is a very serious security flaw that effectively turns Firefox into an open gateway for malware, much like Microsoft’s own web browser, Internet Explorer.

At best, one could call this stealth install a serious conflict of interest between competing browsers - at worst, it’s out-and-out sabotage, not only of a user’s PC, but of Firefox itself, which has gained a reputation for stability and security, much to the chagrin of Microsoft.

In forcing this add-on down the throats of faithful Firefox users, Microsoft have circumvented the more honest approach to installing Firefox extensions, via the offical Mozilla Add-ons page, betraying the trust of its users in the process.

Microsoft Internet Explorer currently enjoys a market share of 66% due only to it’s forced integration with the Windows operating system, but Firefox is rapidly gaining ground, currently at an estimated 22% and climbing. Being a competitor in the browser market, Microsoft have absolutely no business injecting stealth add-ons into Firefox, let alone blocking them from the uninstall process.

If you’ve been affected by this malicious update, you can follow the removal instructions provided by annoyances.org.