Microsoft stealthily installs a Firefox add-on that cannot easily be uninstalled

Hi malware fighters,

A number of users have become aware of the fact that Microsoft, with the .NET 3.5 SP1 installation, secretly installs a Firefox add-on. This is why, for instance, on the download site of Google Chrome a license agreement has to be accepted: without further notification the application is being downloaded and installed. By default, the settings for the “.NET Framework Assistant” are such that no alert is shown when so-called ClickOnce applications are opened: http://www.communities.hp.com/securitysoftware/blogs/spilabs/archive/2009/05/22/the-sneaky-ms-clickonce-firefox-add-on.aspx

The settings of the add-on can be changed around, but it is very hard to uninstall. “We have added support on machine level, so the feature can be used by all computer users, also the add-on has been grayed out and cannot be uninstalled just like that by standard users, while standard users are not allowed to uninstall software on machine-level”, according to Microsoft’s Brad Abrams here: http://blogs.msdn.com/brada/archive/2009/02/27/uninstalling-the-clickonce-support-for-firefox.aspx

So if malcoders add software that cannot be easily uninstalled on machine-level they are considered cybercriminals, but when MS applies an add-on through the same sneaky methods (without being open and upfront about it, with the lame excuse that it is because the poor n00b-users would otherwise be without this feature (that does not benefit them)), everything is all at once OK.

polonus

Damien,
Is it affecting my security? Does it slow down FF or my system?
Does it compromise my security?
Does it make things easier or quicker ?

Hi bob3160,

I think that is not even the issue here. I think this goes a bit beyond spyware even… Changing the working of third-party software (here Mozilla’s) without explicit acceptance by the end user, and it does not matter if this is through a hack or via an add-on, is judiciously unacceptable. That MS is the owner of the operating system does not give them the automatic right to change the workings of third-party software.

And I think they understood this was bad PR for them, because they want to offer the support now at an install on a per-user basis and not further install it over the user’s head per machine level.
What we can do inside Fx with this sneaky Microsoft proprietary software install is disable it; it can be uninstalled, but that is not that easy for the common user.
IE has it by default, and I do not have it in Fx, because I run a developers test version:
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1pre) Gecko/20090525 Shiretoko/3.5pre ID:20090525041408 which does not have this MS present,

polonus

This is quite interesting, and very sly

How can we tell if we have it?
Would it be in the add-on list?

-Scott-

I think that is not even the issue here.
Damien, For me, that is or would be an issue. The rest is simply symantecs ....

It would be an issue and MS would be screaming blue murder if Mozilla added something to IE.

I guess I don’t have to worry as I don’t use Firefox.

Here we go.

Micro$oft at it again. They really are cunning stunts.

Can anyone tell me how to check if this piece of shit is installed on my machine?

Would be very grateful!

Thanks in advance!

Hi Polonus

to include Adobe in topic thread as well.

When downloading Adobe free products (Reader, Flash Player, Shockwave, etc…) you have to read every page carefully to make sure you are not picking up extra add-ons, mainly Google toolbar.

Flash Player download will already have the checkbox ticked for the add-on Google toolbar (from my local connect to web anyway - there may be a difference depending on where you connect from, Google seem to be very forward with their localisation functionality(s)).

Wise advice from Mkis.

I really dislike stuff like that.

Hi Avastfan1,

Here is the uninstall information:
http://blogs.msdn.com/brada/archive/2009/02/27/uninstalling-the-clickonce-support-for-firefox.aspx

polonus

I’m using Firefox Portable, would this be a problem for me?
The uninstall instructions refer to the registry, but my version is not local.

-Scott-

Hi Scott,

In spite of your Fx being portable, these install settings are on your main drive, even when you for instance have the portable running from a pen drive,

polonus

Thanks for confirming Polonus,

Had a look in the registry, turns out it’s not there so it doesn’t really matter

Odd though that there is stuff in the registry, FF Portable is advertised as not leaving anything on the host machine, but I suppose that only covers the program itself, not the addons

Still though very wrong on Microsoft’s account, as DavidR said, had the tables been turned - there would have been uproar

AvastFan1,
Like the wordplay ;D

-Scott-

Hi Scott,

That is true, always need an additional crap cleaner to cleanse all trails of it, like ATF Cleaner or ClearProg. I use these tools to cleanse crap just before I shut down after every Windows session.
The man responsible for this Firefox add-on: http://weblogs.asp.net/scottgu/archive/2008/05/12/visual-studio-2008-and-net-framework-3-5-service-pack-1-beta.aspx
Every time the MS proprietary application is being updated, you would get it for free in Fx. I have put a posting in the NoScript forum, because it also has scripting implications as well. I am rather curious about Giorgio Maone’s reply to this silent MS add-on install into Fx and at what level they made the decision in Fx development to go along with this install performed over the heads of the common users of the browser.
It is a sign of the times that the end user now has to look out for himself referring here. Policies that are getting more and more “out of balance” as you grasp what I mean to say here,

polonus

Polonus,

I have FF clear everything itself after every session, but then this may not be enough…

That guy probably won’t be very popular for a while :)

As you said, we have to be VERY careful what we install nowadays, with MS exploiting every loophole possible.
It’s a good thing there are some out there that can help us who don’t know (you included ;))

-Scott-

Hi spg SCOTT,

Well more of this discussion starting to evolve here:
http://forums.informaction.com/viewtopic.php?f=8&t=1446&p=4843#p4843
And interesting to see what they will respond to me asking this:

Thanks for that explanation, but is it not unusual for MS to install proprietary software in this way without asking the end user specifically if they would like to install this? What they will do to their OS, that’s their business, but what they do to third-party software (Mozilla’s Fx), can that be done over the head of the users, or was this brought in with explicit consent of the developers of Firefox 3.5?
and here:

can you confirm this was being brought in by developer consent? I think it will be a better policy if these silent global add-on installs can be performed on a "per user basis", where the end user can decide whether he wants the added feature installed or not
So where you come to your conclusion that you have to be very attentive to what you agree to when installing something onto your machine, you are absolutely right. Sign of the times, that is where it is going. If users don't wake up or protest against it, it will be customary policy.

From the Fx standpoint, this is what is meant by a global install: http://www.ghacks.net/2007/11/12/install-firefox-add-ons-for-all-users/

About the dangers of this add-on in Fx:

This update adds to Firefox one of the most dangerous vulnerabilities present in all versions of Internet Explorer: the ability for websites to easily and quietly install software on your PC. Since this design flaw is one of the reasons you may've originally chosen to abandon IE in favor of a safer browser like Firefox, you may wish to remove this extension with all due haste.

Unfortunately, Microsoft in their infinite wisdom has taken steps to make the removal of this extension particularly difficult - open the Add-ons window in Firefox, and you’ll notice the Uninstall button next to their extension is grayed out! re: http://www.annoyances.org/exec/show/article08-600

polonus

Damien,
I still want to know what harm this install is doing to my system if any ???
Up till now, that question hasn’t been answered. The M$ bashing is in full force but,
I still can’t figure out what harm that install is doing to my system ???

I still can't figure out what harm that install is doing to my system
It's in my add-ons also, but should I disable it, leave it as is if it is doing no harm as Bob mentioned, or http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=cecc62dc-96a7-4657-af91-6383ba034eab "As a result, the Uninstall button will be functional in the Firefox Add-ons list" after this install and then uninstall it, or WHAT ???

Hi bob3160,

This has nothing to do with MS bashing. You can read: “the ability for websites to easily and quietly install software on your PC”, and that is a reason for some to switch to Fx in the past. If MS brings this silently into Fx with or without consent of the Fx developers it “could” be putting my OS at risk while using Fx.
I liked MS from the days that they neatly prompted us in a polite way like “Do you really want to do this?”.
Since Vista I missed that.
And again, this has nothing to do with MS or Mac or Linux. This is upbuilding criticism, not Windows bashing. If one has criticism of something that is wrong with the Windows platform, is that Windows bashing, or is it so that there is no room anymore for criticism? I do not care if it is Windows or Google or whatever, I just want the users of Firefox to know, and the users of IE8 also, since this was brought in and did not add security.
Bob3160, I am trained at Microsoft Education Center and my Certificates of Achievement are hanging on the wall in my computer room. Am I a Windows basher?

Damian