Summary: Microsoft has exposed Firefox users to attacks for many months; Mozilla blocks Microsoft’s Firefox “leech”
MOZILLA has perhaps had enough of Microsoft's intrusion and regardless of reactions from the Microsoft crowd, it is finally disabling Microsoft software that was not supposed to enter Firefox in the first place [1, 2, 3].
Mozilla is disabling a pair of components stealthily installed by Microsoft earlier this year for Windows users of the Firefox Web browser, warning that the software suffers from a serious security vulnerability.
It comes after this:
An add-on that Microsoft silently slipped into Mozilla’s Firefox last February leaves the browser open to attack, Microsoft’s security engineers acknowledged earlier this week.
That’s nine months of constant vulnerability due to Microsoft’s injection (without users’ permission) of software into Firefox. Some suggest that Mozilla should have taken legal action rather than take the gentle route. “Mozilla says Microsoft browser malware can Firefox off,” says one headline.
In other news, Microsoft Outlook Web Access comes under phishing attacks, which raise even more questions. These attacks mostly come from Windows zombies, which are ruining the E-mail system for everyone.
Given the high malware ratio in Windows, what gives?
Ars Technica shows that even Microsoft can’t offer a solution.
Simple script trips up Microsoft Security Essentials
A VBS script written by an Ars forum member is detected by Microsoft Security Essentials as a threat. Ars investigates.