Author's Opinion

The views in this column are those of the author and do not necessarily reflect the views of iTWire.

Have your say and comment below.

Thursday, 04 June 2009 19:39

Dear Microsoft: Don't meddle with Firefox

Microsoft's automated update facility is a wonderful thing.  It applies patches to all kinds of Microsoft packages.  Oddly, it recently also tried to pwn Firefox.
David Heath
Firefox Microsoft
On every "patch Tuesday" the latest roll-up of bug fixes are pushed out to every Windows PC (that has automatic update turned on).  All well-and-good, unless you had .NET 3.5 installed along with Firefox.

Earlier this year Microsoft .NET Framework 3.5 Service Pack 1 was pushed out to all relevant PCs.  All well-and-good.  Except that a hidden portion of the update added the Microsoft .NET Framework Assistant Firefox extension.  

Without notification, without permission.

The .NET extensions allow (amongst other more 'reasonable' things) for websites to install any software of their choosing on your PC.  Hang on; didn't we all switch to Firefox to avoid such behaviour? 

Better still, Uncle Bill made sure that we couldn't (easily) uninstall this small gift.

Reports from a number of sources all suggest that it is very difficult to remove the update.  Going to the Add-ons section of Firefox reveals a greyed out Uninstall button.

Three months after the roll-out of this 'enhancement,' Microsoft released an update to the 'enhancement,' which enabled the Uninstall button to function as expected.

Gosh, thanks for your concern.

Oops, the reason the uninstall button was unavailable was that the update was a "machine-level" package; independent of the logged-in user.  The patch permitted per-user removal.  No - this was NOT the same as uninstalling the package.  

Not even close.

It is quite clear that Microsoft has zero comprehension of the problem they created:

Quoting from the Microsoft download page: "In .NET Framework 3.5 SP1, the .NET Framework Assistant enables Firefox to use the ClickOnce technology that is included in the .NET Framework. The .NET Framework Assistant is added at the machine-level to enable its functionality for all users on the machine. As a result, the Uninstall button is shown as unavailable in the Firefox Add-ons list because standard users are not permitted to uninstall machine-level components. In this update for .NET Framework 3.5 SP1 and in Windows 7, the .NET Framework Assistant will be installed on a per-user basis. As a result, the Uninstall button will be functional in the Firefox Add-ons list. This update will also make this version of the .NET Framework Assistant for Firefox compatible with future versions of the Firefox browser. To properly update the .NET Framework Assistant, this update must be applied while the extension is enabled in Firefox. To remedy the result of installing this update while the extension was disabled, uninstall the update, re-enable the extension, and reinstall the update. Updates to the .NET Framework Assistant may include updates to the Windows Presentation Foundation Plug-in for Firefox causing it to be enabled upon its initial update."

I don't know about you, but that sure reads like it's a LONG way from either an apology or a genuine uninstall procedure.  They still think they're right.  As always.

The Windows Secrets newsletter offers a lot more information on how to evade this silver bullet.  I suggest you read what they have to say.

Better still, alert your friendly Microsoft representative to your anger, and to the fact that their fix really doesn't understand the issue.


As part of our Lead Machine Methodology we will help you get more leads, more customers and more business. Let us help you develop your digital marketing campaign

Digital Marketing is ideal in these tough times and it can replace face to face marketing with person to person marketing via the phone conference calls and webinars

Significant opportunity pipelines can be developed and continually topped up with the help of Digital Marketing so that deals can be made and deals can be closed

- Newsletter adverts in dynamic GIF slideshow formats

- News site adverts from small to large sizes also as dynamic GIF slideshow formats

- Guest Editorial - get your message out there and put your CEO in the spotlight

- Promotional News and Content - displayed on the homepage and all pages

- Leverage our proven event promotion methodology - The Lead Machine gets you leads

Contact Andrew our digital campaign designer on 0412 390 000 or via email



Security requirements such as confidentiality, integrity and authentication have become mandatory in most industries.

Data encryption methods previously used only by military and intelligence services have become common practice in all data transfer networks across all platforms, in all industries where information is sensitive and vital (financial and government institutions, critical infrastructure, data centres, and service providers).

Get the full details on Layer-1 encryption solutions straight from PacketLight’s optical networks experts.

This white paper titled, “When 1% of the Light Equals 100% of the Information” is a must read for anyone within the fiber optics, cybersecurity or related industry sectors.

To access click Download here.


David Heath

David Heath has had a long and varied career in the IT industry having worked as a Pre-sales Network Engineer (remember Novell NetWare?), General Manager of IT&T for the TV Shopping Network, as a Technical manager in the Biometrics industry, and as a Technical Trainer and Instructional Designer in the industrial control sector. In all aspects, security has been a driving focus. Throughout his career, David has sought to inform and educate people and has done that through his writings and in more formal educational environments.



Recent Comments