Sometimes, even a routine update can go haywire. That's what happened with a recent Microsoft Windows update: it installed an extra add-on to computers that use FireFox. What happened next? Keep reading to find out.
Contributed by Joe Eitel Rating: / 2 June 17, 2009
We’ve all done it before: visited a shady, unsecured site, downloaded something we weren’t supposed to, accidentally downloaded something we didn’t want, and what usually results from these mishaps? Our computers go haywire because something was downloaded that shouldn’t have been and it’s usually occurred sneakily and without our permission, causing pop-ups, making the computer freeze up or unexpectedly shut down. The amount of frustration that is caused by these sneaky, unforeseen downloads is immeasurable.
A majority of us feel at ease when visiting secure, trusted sites that have proven themselves to be reliable. These websites where downloads can be accessed worry-free are becoming increasingly rare online, which is why many of us depend on them so greatly. That being said, what happens when even the most trusted of sites installs something on our computer without our permission that causes us major problems?
Microsoft Updates Firefox Extension
This is exactly what’s happened for an untold number of users who utilize Mozilla’s Firefox web browser. Surprisingly -- and disappointingly -- the source of this problem has been found to be an otherwise routine security update for a Microsoft Windows component, which is reported to be installed on millions of computers. This update quietly installed an extra add-on without the permission users, but only to computers that use Firefox.
So, what’s the big deal? Well, aside from making Microsoft - one of the most trusted IT companiesin the world -- a little less reliable in the eyes of consumers (aside from Mac users, who already don't like Microsoft!), this add-on has recently been found to be both difficult and dangerous to remove.
Apparently, earlier this year Microsoft sent a large bundle of updates, which was referred to as a “service pack,” to the programming platform known as the Microsoft .NET framework. Before this minor, yet annoying debacle, Microsoft’s .NET framework has always proven to be incredibly reliable, as Microsoft itself and countless developers use the framework to run interactive programs on Windows. Like just about every other update, this problematic service pack for the .NET framework was sent to users through the Windows Update site.
At the time Windows Update began offering the service pack for installation, many users had never heard of the platform before. Thankfully, many of the affected users turned to online resources and message boards to find out whether or not the service pack was safe to install. This is perhaps the only time that kind of prudence and caution failed to help. The users were told that the pack had not caused any widespread problems and had not interfered with third party programs, so many of them installed it. Of course, this was beforeit was determined that the program would cause widespread problems and interfere with programs.
Fast forward a couple of weeks. Countless people have installed the service pack, which as previously mentioned, automatically installed its own Firefox add-on.Annoyances.org, a free web resource featuring the most complete collection of information assembled by and for Microsoft Windows users, was unsurprisingly the first to realize that this Firefox add-on wasn’t just a minor problem that could easily be removed. According to the site, the update causes Firefox to suffer from the same super-dangerous vulnerability Internet Explorer users constantly face, which is the ability for websites to quietly (and easily) install software on your PC -- without your permission, of course.
It’s obvious, yet often goes without saying, that some Windows users are using Firefox in the first place because they detest the idea of having to use Internet Explorer. Internet Explorer reportedly has many problems and routinely makes PCs vulnerable to all kinds of unfavorable viruses and spyware. The fact that these users have consciously gone out of their way to avoid the pitfalls commonly associated with Internet Explorer, only to suffer through the same problems with their beloved Firefox, has surely greatly upset those affected by the Firefox add-on. Aside from that, it’s got many long-time Microsoft users wondering what else the company can or will sneakily install on their home computers.
The Danger
So, what’s so dangerous about this measly little add-on? Aside from being annoying and sneaky, removing it is riskier than it seems. Usually when this kind of thing happens, users can just uninstall the add-on using Firefox’s ultra useful add-ons interface. Unfortunately, that won’t work this time around because Microsoft has disabled the usually-present uninstall button on the extension itself.
According to Microsoft blogger Brad Abrams, Microsoft decided to disable the uninstall option because the extension needed "support at the machine level in order to enable the feature for all users on the machine.” At the time this problem originally occurred, Microsoft told users that the only way to get rid of the Firefox add-on was to have a usermodifytheir Windows registry. If, however, this is done incorrectly, it can cause all Windows systems to fail to boot up.
Are Microsoft users stuck with this add-on until all eternity? Until recently, it was looking like it would be that way. Some developments have been made since the initial problem occurred, but Microsoft’s reputation has been hit hard. Users are now wary of security updates and uncomfortable installing them, and perhaps they should be.
After news of the Firefox add-on hit the web, Microsoft was obviously feeling the wrath of thousands - if not millions - of their users. So, what did they do? They issued apatch, naturally. The update patches Windows systems so that the Firefox add-on that was installed by Microsoft can be easily uninstalled without having to modify the Windows registry.
It is a remedy, but not a perfect one, seeing as how anyone who disabled the add-on instead of manually removing it will now have to re-enable the add-on before they can remove it for good. Sound confusing? It’s really not, though it is annoying.
If you’re one of the many who’s been affected by this Firefox add-on and disabled it after problems occurred, you will want to download the add-on once again and install it on your PC. You can check all of your add-ons from the Firefox menu, which is where the .NET Framework Assistant add-on should now be visible.
You’ll have to restart your computer, but once you have, you should notice that the add-on has been reinstalled, which means the uninstall tab will once again be accessible instead of grayed out. After clicking the uninstall tab and saying yes to the prompt, you’ll be well on your way to getting rid of the add-on for good.
The original service pack users may have installed before the patch was made available also included another Firefox plug-in entitled "the Windows Presentation Foundation plug-in for Mozilla browsers." If a user had disabled that plug-in after they installed the .NET service pack, using the patch will re-enable that plug-in as well -- this of course is another frustrating aspect, even for the fix.
Now that the patch has been issued, it’s obviously unnecessary to perform the risky, complicated task of modifying the Windows registry in order to remove the Firefox add-on. That being said, what if a user wants to get rid of it completely along with the Windows Presentation Foundation plug-in previously mentioned? Annoyances.org, which thankfully always seems to have an answer for every Windows annoyance in existence, has offered detailed instructions for modifying the register. According to the site, the steps are as follows:
Open Registry Editor(type regeditin the Start menu Search box in Vista/Windows 7, or in XP's Runwindow).
Expand the branches to the following key:
On 32-bit systems: HKEY_LOCAL_MACHINE SOFTWARE Mozilla Firefox Extensions
On x64 systems: HKEY_LOCAL_MACHINE SOFTWARE Wow6432Node Mozilla Firefox Extensions
Delete the value named {20a82645-c095-46ed-80e3-08825760534b}from the right pane.
Close the Registry Editor when you're done.
Open a new Firefox window, and in the address bar, type about:configand press Enter.
Type microsoftdotnetin the Filterfield to quickly find the general.useragent.extra.microsoftdotnetsetting.
Open Windows Explorer, and navigate to %SYSTEMDRIVE%WindowsMicrosoft.NETFrameworkv3.5Windows Presentation Foundation.
Delete the DotNetAssistantExtensionfolder entirely.
Open the Add-onswindow in Firefox to confirm that the Microsoft .NET Framework Assistantextension has been removed.
Many of us are incredibly cautious when surfing the web. That being said, we all have trusted sites and companies, such as Microsoft, that we’ve come to rely and depend on. This is not to say that the Microsoft name has been diminished in a week’s time, but the sneaky installation of the Firefox add-on was more than a little disheartening for many MS users.
Aside from all of the usual worries we all face when it comes to our computers and their software, it’s an unfortunate fact that many PC users now feel as if they also have to protect themselves from those who write the software they use. Hopefully Microsoft doesn’t attempt anything similar in the future. Thankfully, it seems as if they’ve gotten the message loud and clear.
BrainDump 
Vista and Online Video Viewing
