Linux and Open Source

Dana Blankenhorn & Paula Rooney

Get Linux and Open Source via:: Mobile; RSS; Email Alerts
Bios:: Dana’s Bio; Paula’s Bio

October 19th, 2009

Microsoft breaks Firefox

Posted by Dana Blankenhorn @ 5:10 am

Categories: Distributions, General, Internet, Microsoft, Network Administration, Not Linux, Security, software appliance

Tags: Mozilla Firefox, Microsoft Corp., Web Browsers, Microsoft Windows, Security, Viruses And Worms, Internet, Operating Systems, Software, Dana Blankenhorn

Mozilla vice president for engineering Mike Shaver is being polite about it, but basically Microsoft pushed some software into Firefox last week that left users vulnerable to attack.

(Wise guys might confuse this Three Stooges bit with a recent Microsoft security meeting.)

Windows Presentation Foundation (which those with a sense of humor now call Windows Thepresentation Foundation or WTF), along with .NET Framework 3.5 (which is now OK), were originally pushed as part of Windows in February, and their problems within Windows were fixed in May.

On Tuesday Microsoft pushed a patch to fix the problem within Internet Explorer. So if you’re patching your Microsoft browser your Firefox is safe. Let me repeat that. Microsoft insists its MS09-054 patch made even Firefox users safe.

But if you’re not following Microsoft directions then WTF you may now be vulnerable to exploit. So Mozilla told Microsoft it would “blocklist” both WTF and the .NET Framework, backing off on the latter after discussions with Microsoft.

The WTF plug-in supports an XML-based user interface called XBAP, and lets its XAML applications run. But the technology was vulnerable to a “drive-by” exploit, in which your hitting a specific Web page would download malware.

I’m reading a lot of blog posts calling this deliberate, even malicious. I don’t think it is. I suspect Microsoft is confusing its convenience with users’ security desires, rationalizing that this power lets it fix security holes automatically.

But its technology makes Microsoft the potential source of great big security holes, which can leave it with egg on its collective face. The kindest thing one can say is that this is vaudeville comedy. Others will call it burlesque or, perhaps, a horror show.

What’s your view?

Dana Blankenhorn has been a business journalist for 30 years, a tech freelancer since 1983. You can follow Dana on Twitter. See his full profile and disclosure of his industry affiliations.

Email Dana Blankenhorn

Subscribe to Linux and Open Source via Email alerts or RSS.

Related Discussions on TechRepublic

Did you know you can take part in these discussions with your ZDNet membership?

Talkback
Most Recent of 26 Talkback(s)

Thread View
Flat View

Because, Mozilla is responsibile for firefox!: nt
(Read the rest); Posted by: windozefreak Posted on: 11/03/09 You are currently: a Guest | Log in | Terms of Use

IE Welded into Windows Christian_<>< | 10/19/09

Wrong... Ceridan | 10/19/09

Code size only becomes a problem T1Oracle | 10/19/09

there should be lawsuits filed! Linux Geek | 10/19/09

not mozilla's problem rebelxhardcore | 10/20/09

Because, Mozilla is responsibile for firefox! windozefreak | 11/03/09

there should be lawsuits filed! as901 | 10/22/09

Class Action Lawsuits for errors? Fark | 10/19/09

well im not to sure about that Quebec-french | 10/19/09

Class Action Lawsuits as901 | 10/22/09

No, Firefox isn't broken but the title is sensational Boot_Agnostic | 10/19/09

The fix mandated IE DanaBlankenhorn

| 10/19/09

Wars of BS Crestview | 10/19/09

Such a Comment mejohnsn | 10/19/09

.NET is not "now safe" masonwheeler | 10/19/09

Do not attribute to malice... dave.leigh@... | 10/19/09

AKA Hanlon's Razor Yagotta B. Kidding | 10/19/09

RE: Microsoft breaks Firefox voodoochicken | 10/19/09

RE: Microsoft breaks Firefox FranC. | 10/19/09

this is bad journalism ljenux-23043766007667558234416105604265 | 10/20/09

The obvious conclusion to draw from Dana's statement : mhenriday | 10/20/09

RE: Microsoft breaks Firefox ka0mow | 10/20/09

OLD NEWS twaynesdomain | 10/20/09

OMG - I use Linux!! freetulisten | 10/20/09

no use in China zianed | 10/21/09

RE: Microsoft breaks Firefox i1marine | 10/21/09

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

Sole-sourcing BI from your ERP vendor: IT convenience or strategic business decision? IBM Is sole-sourcing BI from ERP vendors delivering on its promises? See what 100 companies worldwide had to say about this increasingly common practice. Download Now
Unrivaled support from Novell, now available for Red Hat Novell If Linux is going to power your mission-critical applications, you'd ... Download Now
Qwest Network Services for Healthcare Providers Qwest Communications Demands for improved quality care and increased satisfaction require a ... Download Now

Essential Topics

Blogs From Our Sponsors

Top Rated

Firefox 3.6 release candidate now available+13 votes
English was the first open source language+11 votes
Obama enforces trade embargo against open source+10 votes
Firefox 3.6 RC2 now available+9 votes
Kiwi high school issues shot heard around the open source world+8 votes
The Google escalation and open source+7 votes
Is mobile Firefox going to be too late?+6 votes
Why open source marketing is so bad+6 votes

Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors

Favorite Links

ZDNet Blogs

White Papers, Webcasts, and Downloads

Driving business agility through SOA connectivity and integration IBM Corp. This paper describes some of the business and IT issues that enterprises ... Download Now
The Journey Along an Information-Led Transformation IBM Corp. The cost of embedding information technology into every device we ... Download Now
The Three Ps of Evaluating Managed Network Services Qwest Communications To reduce costs and keep IT resources focused on the core business, more ... Download Now

SmartPlanet

Thought-provoking progressive ideas on diverse topics that intersect with technology, business, and life, and matter to the world at large. Visit SmartPlanet
More from IBM
How to Drive Better Business Outcomes with Exceptional Web Experiences Download the eBook
Driving Business Agility through SOA Connectivity & Integration Read the White Paper from IBM
Linking Decisions and Information for Organizational Performance Read the Tom Davenport study

Linux and Open Source

Dana Blankenhorn & Paula Rooney

October 19th, 2009

Microsoft breaks Firefox

Related Discussions on TechRepublic

Did you know you can take part in these discussions with your ZDNet membership?

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

Essential Topics

Recent Entries

Blogs From Our Sponsors

Top Rated

Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors

Archives

Favorite Links

Blogroll

Favorite Links

ZDNet Blogs

White Papers, Webcasts, and Downloads

SmartPlanet

Blogs

Product Reviews

Videos

White Papers and Webcasts

Downloads

More

ZDNet News & Blogs

Product Reviews

Product Blogs

White Papers & Webcasts

Downloads

Linux and Open Source

Dana Blankenhorn & Paula Rooney

October 19th, 2009

Microsoft breaks Firefox

Related Discussions on TechRepublic

Did you know you can take part in these discussions with your ZDNet membership?

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

Essential Topics

Recent Entries

Blogs From Our Sponsors

Top Rated

Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors

Keep up with ZDNet

Archives

Favorite Links

Blogroll

Favorite Links

ZDNet Blogs

White Papers, Webcasts, and Downloads

SmartPlanet

Blogs

Product Reviews

Videos

White Papers and Webcasts

Downloads

More

ZDNet News & Blogs

Product Reviews

Product Blogs

White Papers & Webcasts

Downloads