Microsoft was quite upset with Google recently with the latter’s attempt to install a plugin ( Google Frame ) for IE; it seems though that it’s fine for Microsoft to install a plugin for Firefox – and it’s come back to haunt them with a security hole in the plugin that they silently installed!
Earlier this year, Microsoft was installing the Microsoft .NET Framework assistant into Firefox. The recommendation was to remove this but Microsoft had originally not given an option to do this. They capitulated and released an update to do so, however the update broke other extensions.
Now they’ve been silently installing a Windows Presentation Foundation plugin ( part of .NET Framework 3.5SP1 ) that allows the embedding of XAML applications in web pages ( thought they would have learnt with the Eolas patent lawsuit ). It seems that anything Microsoft touches turns to insecure; and I think this can easily be classed as malware.
It’s therefore a good thing that Mozilla have just released their Plugin Check system which could indicate security issues with plugins like the one above.