Featured:
Allergies
Tech Know
Grilling Guide
eHow Now Blog

What Are Wpf Plugins for Mozilla Firefox?

WPF plugins are a series of plugins that were released by Microsoft alongside new versions of the Microsoft .NET Framework. The plugins were found to give hackers a vector of attack for people using them with either Firefox or Internet Explorer. If you have not applied the prescribed fix from Microsoft and have not disabled the plugins, your machine could be at risk.

  1. Windows Presentation Foundation Plugin

    • When you download and install Microsoft .NET Framework version 3.5, the Windows Foundation Plugin also installs to Firefox. The Windows Presentation Foundation is software that software engineers can use to make Windows-based user interfaces more dynamic. The Firefox plugin extends these capabilities to the Web browser. However, if you install the plugin via .NET Framework version 3.5, you can only disable it -- you cannot uninstall it without uninstalling .NET.

    Security Concerns

    • WPF plugins allow special programs to launch in your browser. For instance, Microsoft Silverlight, like Flash, enables you to view video in your browser. You are using the WPF plugin when you interact with any of the player's buttons. These types of browser-based programs are known as XAML Browser Applications. A security threat was recognized by Mozilla Foundation in which a website could potentially gain access to your computer through one of these WPF-powered programs. Accordingly, Firefox placed this plugin on a blacklist and worked with Microsoft toward a solution.

    Response From Mozilla Foundation

    • The Mozilla Foundation feared that because users could not uninstall the plugin, they would assume that they could not disable it either. The blacklist prompted affected users with a popup when they started Firefox that asked them if they wanted to disable the plugin. It also warned them that leaving the plugin enabled could expose them to danger. Microsoft released a patch in late 2009 in response to the vulnerability threat.

    Disabling WPF Plugins

    • If you see a WPF plugin in Firefox, either for version 3.5 of Microsoft .NET Framework or above, disable it by clicking the orange Firefox tab, "Add-ons" and then "Plugins." Select "Windows Presentation Foundation" and click "Disable." The MS09-054 patch released by Microsoft addresses the security risk posed by WPF plugins. If you have previously disabled any of these plugins, but have installed this patch, then it is safe to enable the plugins again.

Related Searches:

References

Resources

Comments

Related Ads

thumbnail
Featured