3. June 2009, 17:49 | by WD Milner | Full Article |

Microsoft has done it again. The draconian and sheer corporate arrogance have resurfaced yet again in a Windows Update that surrepticiously installs a FireFox extension that opens wide vulnerabilities in that browser. Not surprisingly Microsoft feels no need to apologize and indeed considers this compromise to system security to be a service.

The extension is part of the Microsoft .Net Framework 3.5 SP1 update and permits the notorious ClickOnce vulnerability of Internet Explorer that enables websites to quietly upload and install software on a system through the browser. This vulnerability was much decried in Internet Explorer and indeed was responsible, at least in part, in moving many converts to alternate browsers.

The extension brings this vulnerability into FireFox. Perhaps the worst part is that not only does Microsoft install the extension without asking, they not only don't disclose that it is part of the update, but it is installed at the system level and so cannot be uninstalled from the browser using the normal extensions uninstall button which is greyed out.

After much negative feedback (Nomex undies required) Microsoft issued instructions on how to remove the extension, though they are not for the faint of heart.

To uninstall the ClickOnce support for Firefox from your machine:

  1. Delete the registry key for the extension
    • From an account with Administrator permissions, go to the Start Menu, and choose 'Run...' or go to the Start Search box on Windows Vista
    • Type in 'regedit' and hit Enter or click 'OK' to open Registry Editor
    • For 32-bit OS machines, Go to the folder HKEY_LOCAL_MACHINE > SOFTWARE > Mozilla > Firefox > Extensions
    • For 64-bit OS machines, Go to the folder HKEY_LOCAL_MACHINE > SOFTWARE > Wow6432Node > Mozilla > Firefox > Extensions
    • Delete key name '{20a82645-c095-46ed-80e3-08825760534b}'


    Open a command prompt window (must be 'run as Administrator' on Vista and later)

    Copy and paste the appropriate command below and hit 'Enter'

    For 32-bit OS machines:

    reg DELETE "HKLM\SOFTWARE\Mozilla\Firefox\Extensions" /v "{20a82645-c095-46ed-80e3-08825760534b}" /f

    For 64-bit OS machines:

    reg DELETE "HKLM\SOFTWARE\Wow6432Node\Mozilla\Firefox\Extensions" /v "{20a82645-c095-46ed-80e3-08825760534b}" /f

  2. Reset the changes made to the Firefox user agent
    • Launch Firefox, go to the Firefox address bar and type in 'about:config'
    • Scroll down or use 'Filter' to find Preference name 'general.useragent.extra.microsoftdotnet'
    • Right-click on the item and select 'reset'
    • Restart Firefox
  3. Remove the .NET Framework extension files
    • Go to the Start Menu, and choose 'Run...' or go to the Start Search box on Windows Vista
    • Type in 'explorer' and hit Enter or click 'OK'
    • Go to '%SYSTEMDRIVE%\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\'
    • Delete the 'DotNetAssistantExtension' folder and all its contents

NOTE: Microsoft has released an update to .NET Framework 3.5 SP1 that makes the FireFox extension a per-user component which will make uninstalling a lot easier and cleaner. None of the above steps are required once this update is installed.

Download Update to .NET Framework 3.5 SP1 for the .NET Framework Assistant 1.0 extension for Firefox

While it is nice of Microsoft to provide this easier removal tool, the fact remains it should never have been installed without the foreknowledge and consent of the system owners. To do so is unethical at best and may even be illegal. It's certainly not a good way to improve an increasingly tarnished image, especially when recent press releases emphasize increased security awareness for their product offerings.

- 30 -

Categories: ,
Keywords: Microsoft,malware,Firefox



Textile help
* Indicates a required field.

As a SPAM prevention measure, comments are moderated and will be posted once vetted.


Article & Comments

Comments are not enabled for all articles or documents.

Article Navigation


Internet and WWW
Music and Audio
Society and Culture
Stage and Screen
Tips and Tricks
Web Design
Web Site

The Birches - Support Child Safety Online


 Help to FIGHT spam!