Firefox disconnected from "dangerous" WPF
On Saturday morning, many Firefox users saw a message about disabling the Windows Presentation Foundation plugin, which is said to be "a security risk."
Mozilla developers soon explained that the .NET Framework Assistant plug-in and the sister Windows Presentation Foundation, through a centralized locking mechanism, had actually been massively disabled . This is due to a serious vulnerability identified in June . Microsoft itself recommends that its users disable the .NET Framework Assistant if they have not installed a patch for IE.
Microsoft was previously notified of the actions of Mozilla and gave the go-ahead, so that the locking mechanism was launched on Saturday at about 5:00 am Moscow time.
Soon, Microsoft representatives again contacted. They informed that the .NET Framework Assistant plugin does not actually pose a security risk and cannot be used to launch exploits of the aforementioned vulnerability. Immediately after this, the .NET Framework Assistant was unlocked . Thus, his quarantine lasted only about 48 hours. But the second Windows Presentation Foundation plugin is still blacklisted.
If it seemed to you that you did not install such a plug-in in your browser, then keep in mind that the .NET Framework Assistant penetrated Firefox relatively quietly during the February Windows update (this was already discussed on Habré). For instructions on how to remove Microsoft .NET Framework 3.5 Service Pack 1 from the system, click here (you need to manually edit the registry, otherwise the service pack will not be deleted).
Mozilla developers soon explained that the .NET Framework Assistant plug-in and the sister Windows Presentation Foundation, through a centralized locking mechanism, had actually been massively disabled . This is due to a serious vulnerability identified in June . Microsoft itself recommends that its users disable the .NET Framework Assistant if they have not installed a patch for IE.
Microsoft was previously notified of the actions of Mozilla and gave the go-ahead, so that the locking mechanism was launched on Saturday at about 5:00 am Moscow time.
Soon, Microsoft representatives again contacted. They informed that the .NET Framework Assistant plugin does not actually pose a security risk and cannot be used to launch exploits of the aforementioned vulnerability. Immediately after this, the .NET Framework Assistant was unlocked . Thus, his quarantine lasted only about 48 hours. But the second Windows Presentation Foundation plugin is still blacklisted.
If it seemed to you that you did not install such a plug-in in your browser, then keep in mind that the .NET Framework Assistant penetrated Firefox relatively quietly during the February Windows update (this was already discussed on Habré). For instructions on how to remove Microsoft .NET Framework 3.5 Service Pack 1 from the system, click here (you need to manually edit the registry, otherwise the service pack will not be deleted).