Author Topic: Microsoft exposes Firefox users to drive-by malware downloads  (Read 14882 times)

Offline roro

  • avast! Evangelist
  • Poster
  • ***
  • Posts: 437
  • Gender: Female
    • Personal Message (Offline)
Re: Microsoft exposes Firefox users to drive-by malware downloads
« Reply #15 on: October 17, 2009, 10:13:27 AM »
Also,
I don't have the:

Windows Presentation Foundation 3.5.30729.1 (Plugin)
Microsoft. Net framework assistant 1.1           (Extension)

In Firefox, but I do have these:

Microsoft DRM  Netscape Network object (plugin)
Microsoft DRM store Netscape plugin

Should these be disabled too?

RoRo
2003 Win XP SP3, Pent4 2.4 GHz, OE, 1 GB RAM, 80GB HD, comodo firewall
2008 Windows 7 32 bit, 1,8 GHZ, 4 GB RAM,,Windows Defender, windows firewall
(all Machines Avast 8.01483, MBAM, SAS, Firefox 20.01 and IE 8

Offline logos

  • avast! Überevangelist
  • Serious Graphoman
  • *****
  • Posts: 9456
  • Gender: Male
    • Personal Message (Offline)
Re: Microsoft exposes Firefox users to drive-by malware downloads
« Reply #16 on: October 17, 2009, 10:17:39 AM »
don't know how you managed to get these  ;D yes of course they should be disabled.
w7 - ais7

Offline Avastfan1

  • Advanced Poster
  • **
  • Posts: 968
  • Gender: Male
    • Personal Message (Offline)
Re: Microsoft exposes Firefox users to drive-by malware downloads
« Reply #17 on: October 17, 2009, 10:38:58 AM »
Are you sure?

I have them as well.......
Window 7 Home Premium - Avast Pro 7.0.1474 - PC Tools Firewall Plus 7.0.0.123 - MBAM 1.70 - Firefox 17.0.1 - NoScript 2.6.4.2 - Adblock Plus 2.2.1

Offline logos

  • avast! Überevangelist
  • Serious Graphoman
  • *****
  • Posts: 9456
  • Gender: Male
    • Personal Message (Offline)
Re: Microsoft exposes Firefox users to drive-by malware downloads
« Reply #18 on: October 17, 2009, 10:44:43 AM »
well unless you're a DRM worshiper  ;)
w7 - ais7

Offline Omid Farhang

  • Malware Hunter
  • avast! Evangelist
  • Super Poster
  • ***
  • Posts: 1658
  • Gender: Male
  • I wish I could write longer personal text!!
    • Omid's Site
    • Personal Message (Offline)
Re: Microsoft exposes Firefox users to drive-by malware downloads
« Reply #19 on: October 17, 2009, 10:51:49 AM »
Also,
I don't have the:

Windows Presentation Foundation 3.5.30729.1 (Plugin)
Microsoft. Net framework assistant 1.1           (Extension)
if you don't have them, it's mean you have not installed .Net Framework +3, don't worry, it's okay, just for some new programs you may get a warning that they need it to run.

In Firefox, but I do have these:

Microsoft DRM  Netscape Network object (plugin)
Microsoft DRM store Netscape plugin

Should these be disabled too?
if you buy songs from a location which need these (or use some stuff else which need it), no, don't disable, but if not, you can disable them and re-enable them when you need them.
« Last Edit: October 17, 2009, 10:57:32 AM by Omid Farhang »

Offline roro

  • avast! Evangelist
  • Poster
  • ***
  • Posts: 437
  • Gender: Female
    • Personal Message (Offline)
Re: Microsoft exposes Firefox users to drive-by malware downloads
« Reply #20 on: October 17, 2009, 10:56:54 AM »
Thank you,
I don't purchase songs on line so I will disable them.
RoRo
2003 Win XP SP3, Pent4 2.4 GHz, OE, 1 GB RAM, 80GB HD, comodo firewall
2008 Windows 7 32 bit, 1,8 GHZ, 4 GB RAM,,Windows Defender, windows firewall
(all Machines Avast 8.01483, MBAM, SAS, Firefox 20.01 and IE 8

Offline Avastfan1

  • Advanced Poster
  • **
  • Posts: 968
  • Gender: Male
    • Personal Message (Offline)
Re: Microsoft exposes Firefox users to drive-by malware downloads
« Reply #21 on: October 17, 2009, 11:33:52 AM »
Sorry for the repost, just that I am still a little uncertain.

1. What do these extensions and plugins actually do?

2. Is my computer (and Firefox) secure now that I have disabled:

Extensions: 'Microsoft .NET Framework Assistant 1.1'
Plugins: 'Windows Presentation Foundation 3.5.30729

but not disabled:
Plugin: Microsoft DRM 9.0.0.4503 - DRM Netscape Network Object
Plugin: Microsoft DRM 9.0.0.4503 - DRM Store Netscape Plugin?

3. Should I disable or uninstall the above?

4. If I did disable or uninstall them, what would the effect be on my system?

Thanks!

Avastfan1
Window 7 Home Premium - Avast Pro 7.0.1474 - PC Tools Firewall Plus 7.0.0.123 - MBAM 1.70 - Firefox 17.0.1 - NoScript 2.6.4.2 - Adblock Plus 2.2.1

Offline Omid Farhang

  • Malware Hunter
  • avast! Evangelist
  • Super Poster
  • ***
  • Posts: 1658
  • Gender: Male
  • I wish I could write longer personal text!!
    • Omid's Site
    • Personal Message (Offline)
Re: Microsoft exposes Firefox users to drive-by malware downloads
« Reply #22 on: October 17, 2009, 11:44:07 AM »
Sorry for the repost, just that I am still a little uncertain.
it's ok, no problem ;)

1. What do these extensions and plugins actually do?
.Net Framwork plugin allow you run programs directly from Web/Internet
WPF: http://en.wikipedia.org/wiki/Windows_Presentation_Foundation

2. Is my computer (and Firefox) secure now that I have disabled:

Extensions: 'Microsoft .NET Framework Assistant 1.1'
Plugins: 'Windows Presentation Foundation 3.5.30729
Yes, Disable is enough, maybe one day you need them, so you can easily enable them, use them and then again disable it ;)

but not disabled:
Plugin: Microsoft DRM 9.0.0.4503 - DRM Netscape Network Object
Plugin: Microsoft DRM 9.0.0.4503 - DRM Store Netscape Plugin?

3. Should I disable or uninstall the above?
Yes, you can "Disable" them.

4. If I did disable or uninstall them, what would the effect be on my system?
You would "Prevent" running some application from "Web" into your computer when you are visiting unknown sites using that browser which has those Plugin/addons installed, usually all those applications are dangerous applications, so it's more safe we use none of those online applications. almost every good programs is available to download manually and scan via antivirus/spyware and then run inside computer, not using those plugins and online in browser.

Thanks!
you're welcome, I hope none of my advices are wrong.
« Last Edit: October 17, 2009, 03:11:41 PM by Omid Farhang »

Offline Alan Baxter

  • avast! Evangelist
  • Poster
  • ***
  • Posts: 412
    • Personal Message (Offline)
Re: Microsoft exposes Firefox users to drive-by malware downloads
« Reply #23 on: October 17, 2009, 02:58:05 PM »
Good questions, Avastfan1.  Omid Farhang is giving you good advice on all four items.

but not disabled:
Plugin: Microsoft DRM 9.0.0.4503 - DRM Netscape Network Object
Plugin: Microsoft DRM 9.0.0.4503 - DRM Store Netscape Plugin?

3. Should I disable or uninstall the above?
Yes, you can "Disable" them.

You don't need to disable them to make Firefox more secure, but there's no need to leave them enabled if they're not being used.

Quote
4. If I did disable or uninstall them, what would the effect be on my system?
You would "Prevent" running some application from "Web" into your computer when you are visiting unknown sites using that browser which has those Plugin/addons installed, usually all those applications are dangerous applications, so it's more safe we use none of those online applications. almost every good programs is available to download manually and scan via antivirus/spyware and then run inside computer, not using those plugins and online in browser.

I agree.  Disabling 'Microsoft .NET Framework Assistant 1.1' and 'Windows Presentation Foundation 3.5.30729' will make Firefox more secure.  That's why Mozilla started doing that automatically twelve hours ago.

Offline Avastfan1

  • Advanced Poster
  • **
  • Posts: 968
  • Gender: Male
    • Personal Message (Offline)
Re: Microsoft exposes Firefox users to drive-by malware downloads
« Reply #24 on: October 17, 2009, 06:05:41 PM »
Dear Omid and Alan,

I thank you both very much for sharing your expertise and advice. It really is very much appreciated.

Enjoy the rest of the weekend!

Best wishes,

Avastfan1
Window 7 Home Premium - Avast Pro 7.0.1474 - PC Tools Firewall Plus 7.0.0.123 - MBAM 1.70 - Firefox 17.0.1 - NoScript 2.6.4.2 - Adblock Plus 2.2.1

Offline Alan Baxter

  • avast! Evangelist
  • Poster
  • ***
  • Posts: 412
    • Personal Message (Offline)
Re: Microsoft exposes Firefox users to drive-by malware downloads
« Reply #25 on: October 17, 2009, 07:28:13 PM »
You're welcome.  Enjoy your weekend too!

Offline Omid Farhang

  • Malware Hunter
  • avast! Evangelist
  • Super Poster
  • ***
  • Posts: 1658
  • Gender: Male
  • I wish I could write longer personal text!!
    • Omid's Site
    • Personal Message (Offline)
Re: Microsoft exposes Firefox users to drive-by malware downloads
« Reply #26 on: October 17, 2009, 08:42:26 PM »
Dear Omid and Alan,

I thank you both very much for sharing your expertise and advice. It really is very much appreciated.

Enjoy the rest of the weekend!

Best wishes,

Avastfan1
you're welcome

have fun!

Offline Rumpel

  • avast! Evangelist
  • Advanced Poster
  • ***
  • Posts: 953
  • The poster formerly known as - Rumpelstiltskin®
    • Personal Message (Offline)
Re: Microsoft exposes Firefox users to drive-by malware downloads
« Reply #27 on: October 18, 2009, 11:13:08 AM »
Update: Mozilla took a move on this issue.
Mozilla Disables Microsoft's Insecure Firefox Add-on

Offline YoKenny

  • Serious Graphoman
  • **
  • Posts: 8800
  • Gender: Male
    • Personal Message (Offline)
Re: Microsoft exposes Firefox users to drive-by malware downloads
« Reply #28 on: October 18, 2009, 11:43:57 AM »
Reads like a tempest in a teapot to me.
E5200 2.5GHZ, 4GB RAM, 320GB HD, Windows 7 Home Premium 64bit, avast! V9.0 Free, IE10
P4 2.8GHZ, 1.5GB RAM, 40GB HD, XP Pro SP3 32bit, avast! V9.0 Free, Google Chrome
with hpHosts, MVPS HOSTS files, SpeedFan, WinPatrol PLUS

Offline Rumpel

  • avast! Evangelist
  • Advanced Poster
  • ***
  • Posts: 953
  • The poster formerly known as - Rumpelstiltskin®
    • Personal Message (Offline)
Re: Microsoft exposes Firefox users to drive-by malware downloads
« Reply #29 on: October 18, 2009, 12:21:02 PM »
Of course, for IE users, it shouldn't be a problem.

To be honest, as a use of Firefox, it's quite shocking since this kind of vulnerability is tough to be recognized by the users.  I linked Secunia's vulnerability reports at times but the info is pretty useless for this type of vulnerability.  Also, some of us use browsers other than IE since IE is too tied to the OS.  However, this kind of recognition is proven wrong when the OS "introduces" the same vulnerability with IE like in this case.

I leave the readers whether they take this as yet another anti-MS message or not (to be honest, I'm rather tired of "political" discussions simply because their repetitive nature) but, practically, as users, we have to deal with the outcome of any kind of vulnerability issues to protect our "assets", no matter how it managed to come into our systems.
« Last Edit: October 18, 2009, 12:22:59 PM by Rumpel »

 

Google Chrome

AVAST recommends using the FREE Google Chrome™ browser.

Download Google Chrome Now