Drive-by vulnerability for Firefox users with the .NET Framework Assistant

16 October 2009

Great. Way back in August 2008, I mentioned that the .NET Framework 3.5 SP1 would install a plug-in into Firefox called the .NET Framework Assistant.

Well, it turns out it has a security vulnerability in a "drive-by and you're infected" scenario. The vulnerability uses a modified XBAP (XAML Browser Application) as the attack vector. It seems that Microsoft fixed IE during their Patch Tuesday this week, but apparently the problem is also present in the .NET Framework Assistant, which they didn't patch. ZDNet's story about it is here.

So, Firefox fans: disable the .NET Framework Assistant now (Tools | Add-ons | Extensions | Microsoft .NET Framework Assistant | Disable). I've just done it for both my machines.


3 comment(s)
Kevin McFarlane

Mine just popped up an automatic block dialog. Quite slick. Mind you, no idea how to get it back should I need it. It's now just listed as disabled with the Enabled button greyed out. ???

Maybe it will just re-appear and re-enable itself on the next .NET update?

17 October, 2009
Templarian

Yes, Mozilla will be re-enabling it themselves. It's a precautionary measure (was talking to a moz guy earlier about it).

19 October, 2009
Julian Bucknall (DevExpress)

Kevin: Over the weekend, it seems the Mozilla devs first automatically disabled the Assistant (I managed to disable mine before the command came down the wire), and then later re-enabled it. So, it should enable itself automatically if you update FF.

Cheers, Julian

19 October, 2009
