Security hole found in Microsoft's WPF addon for Firefox

After criticizing, Google over Internet Explorer plugin, its now Microsoft’s own turn, a security hole has been found in a plugin that Microsoft’ve been silently installing into Firefox. Along with .NET Framework 3.5 SP1, Microsoft’ve been silently installing a Windows Presentation Foundation Plugin that allows embedding of XAML applications (an XML-based UI technology) in web pages, […]

After criticizing, Google over Internet Explorer plugin, its now Microsoft’s own turn, a security hole has been found in a plugin that Microsoft’ve been silently installing into Firefox. Along with .NET Framework 3.5 SP1, Microsoft’ve been silently installing a Windows Presentation Foundation Plugin that allows embedding of XAML applications (an XML-based UI technology) in web pages, called XBAP (XAML Web App). The exploit’s drive-by, meaning that victim only needs to be lured onto a web-page for attack to be effective. The only safe thing to do until a patch’s issued, is to open Firefox’s AddOn Manager and disable the WPF plugin. Mozilla’ve the capability to blacklist plugins and addons if they misbehave or pose a threat, and have been working on a Plugin Check system to ensure that users’re kept up to date with plugins, which pose a security threat and are a part of the browser users are often unaware of.