Got a surprising alert yesterday telling me two of the extensions I had installed on my PC’s copy of Firefox have been blocked because they cause stability or security problems. (Click to enlarge the dialog on the right.) Specifically, the Microsoft .NET Framework Assistant and Windows Presentation Foundation extensions were the problem children that got kicked off the island. (In my defense, I didn’t install these extensions myself–Windows Update did). My first reaction was, “Ugh, of course Microsoft‘s extensions have vulnerabilities!”
Turns out that Firefox is blocking extensions with serious bugs from major companies beyond Microsoft, including Apple, Yahoo, and AVG. Here’s the full list of blocked extensions and the bugs that are causing the blockage. (Ironically, the AVG extension is called “SafeSearch.”) In a blog post, Mozilla security chief Mike Shaver says the .NET Framework Assistant has been unblocked, but as of writing it still shows up on the published list. Kudos to Firefox for taking a proactive stance and protecting its users against buggy extensions that could degrade the browsing experience. Did you have a buggy extension installed?
I think it’s safe to say that any Microsoft Firefox User with Windows Updates enabled got it. Especially with Microsoft’s awful security. http://djd.newsvine.com/_news/2009/10/16/3391434-sneaky-microsoft-plug-in-puts-firefox-users-at-risk
I’m glad Mozilla is willing to stand up to a techno giant when they screw up.
Alright Mozilla! can I get a W00t W00t!!!
interestingly enough, and sadly, I will have to get rid of Firefox due to security concerns. I will have to use IE 6. I got this today:
IT Security has learned of a potentially serious security hole / concern introduced to the “company” network due to usage of the Mozilla Firefox web browser. Since Firefox is not a “company” standard, supported application, it is not currently monitored and patched to ensure protection for the “company” network.
According to our network scan, your PC has Firefox loaded and you are an apparent user of this software. We have been directed to remove Firefox software from the “company” network.
No action is required on your part. It will be uninstalled in approximately one week.
Thanks in advance for your cooperation in maintaining a secure and productive network environment.
…sigh, I will miss you Firefox.