Results 1 to 9 of 9
  1. #1
    Super Moderator BATcher's Avatar
    Join Date
    Feb 2008
    Location
    A cultural area in SW England
    Posts
    3,413
    Thanks
    33
    Thanked 195 Times in 175 Posts
    Very recently I'm getting the following screen:

    [attachment=86053:BadAddons.GIF]

    From Googling, it seems that this problem is well-known, but not currently completely removable...
    Attached Images Attached Images
    BATcher

    Time prevents everything happening all at once...

  2. #2
    Super Moderator BATcher's Avatar
    Join Date
    Feb 2008
    Location
    A cultural area in SW England
    Posts
    3,413
    Thanks
    33
    Thanked 195 Times in 175 Posts
    I see that Woody has posted about it, but in my instance I've had it happen at least twice. Maybe I didn't restart?
    BATcher

    Time prevents everything happening all at once...

  3. #3
    Super Moderator jscher2000's Avatar
    Join Date
    Feb 2001
    Location
    Silicon Valley, USA
    Posts
    23,112
    Thanks
    5
    Thanked 93 Times in 89 Posts
    You beat me to it. I just got that on both of my system in the past 12 hours. I assume I'm not missing anything important by having these add-ons disabled, but I guess we'll see.

  4. #4
    Platinum Lounger
    Join Date
    Jan 2001
    Posts
    3,788
    Thanks
    0
    Thanked 1 Time in 1 Post
    If you have the MS updates released on their patch Tuesday on 14th October 2009 (Microsoft Security Bulletin MS09-054), the security vulnerability that was exposed through these add-ons was patched. The actual Microsoft add-ons are not changed when the patch is applied so there is no way for Firefox to see if the your computer has the patch applied or not, which was one of the reasons why these add-ons were blocked.

    Many people will not notice any difference with these add-ons blocked. Even though they are widely installed they are not widely used. If you use any ClickOnce apps you will no longer be able to access them through Firefox.

    Though the ability to block add-ons has been an option in Firefox for some time, this is probably the first time that most people would have seen it. Most other times that it has been used it was for add-ons with a relatively small user base. It has been used to block an old version of QuickTime, though that mainly impacted upon Windows 2000 users who could not update to a more recent version of QuickTime. So far Mozilla have not chosen to block any widely used add-ons, for example versions of Adobe Flash that have security exploits.

  5. #5
    Plutonium Lounger
    Join Date
    Oct 2001
    Location
    Lexington, Kentucky, USA
    Posts
    12,107
    Thanks
    0
    Thanked 1 Time in 1 Post
    Add me too, all of a sudden. What's puzzling to me is that I'm a bit behind on my updates and don't even have 974455 installed, if that's the patch culprit.

  6. #6
    Platinum Lounger
    Join Date
    Jan 2001
    Posts
    3,788
    Thanks
    0
    Thanked 1 Time in 1 Post
    Every version of the Firefox .NET Framework and Windows Presentation Foundation add-ons have been blocked whether 974455 is installed or not (974455 fixes the vulnerability).

  7. #7
    2 Star Lounger
    Join Date
    Feb 2009
    Posts
    132
    Thanks
    0
    Thanked 0 Times in 0 Posts
    [quote name='TonyE' post='798596' date='17-Oct-2009 22:04']Every version of the Firefox .NET Framework and Windows Presentation Foundation add-ons have been blocked whether 974455 is installed or not (974455 fixes the vulnerability).[/quote]


    Hi all,
    Same for me. Firefox has detected and disable the 2 above add-ons and I have not downloaded the update.
    Comment section on MS09-054 and Firefox post

    I'll leave it as it is. Everything works very well without it..

  8. #8
    Platinum Lounger
    Join Date
    Jan 2001
    Posts
    3,788
    Thanks
    0
    Thanked 1 Time in 1 Post
    Update: The .NET Framework Assistant add-on is no longer being blocked by Firefox. Investigation by Microsoft has confirmed that this add-on can not be used as a vector for the remote code execution vulnerability. ClickOnce apps will now work again in Firefox.

  9. #9
    Platinum Lounger
    Join Date
    Jan 2001
    Posts
    3,788
    Thanks
    0
    Thanked 1 Time in 1 Post
    Another update: If you have installed the patch detailed in Microsoft Security Bulletin MS09-054 you will not be susceptible to the security vulnerability.

    Mozilla have updated the blocking mechanism, by default the Windows Presentation Foundation plugin is still blocked, but if you wish you can re-enable the plugin. To do this go to the add-ons manager (in the menus select Tools > Add-on), then go to the Plugins tab, select the Windows Presentation Foundation plugin entry and click the Enable button.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •