I wrote the truth on my blog: Microsoft agreed that we should block both, and later told me that both add-on and plugin were vulnerable. When they sent me a correction to their assessment, which now confirmed that the add-on *was not* a way to exploit this vulnerability, we removed the add-on from the block list.

Feel free to use the email address for this comment if you'd like to learn more about what actually happened.

(The certificate error on the more-info page was indeed a dumb mistake, and we've repaired it. Nostra culpa.)

Anything which installs without explicit consent should be blocked, and stay blocked, including this sneaky plugin.

Any time I see this garbage, both the registry entry and the plugin dll get deleted; no mercy!

I noticed Firefox had disabled my WPF plugin. Clicking on "More information" I get a warning that the Mozilla site linked to has an invalid certificate. Pot calling the kettle black?

I understand. But because of the second plug-in that Microsoft forcefully installed in everybody's Firefox, everybody's got a problem. The only solution is to scramble and block it all.

Reading on the newer news, Mozzarella already knows about the .NET thingy, but the WDF carp continues being carp. There's a fix coming for you, it seems.

But I'm still pissed at the Vole and dissapointed with the plug-in liberty that Mozilla hands everyone. Hmpf.

Stupid Mozilla foundation removed a plugin without giving me even the slightest option to ignore it. Way to go, now I can no longer use Firefox at work due to it no longer playing nice with .NET applications.

Say what you want but at least the evil vole gives you the option to not install it's upgrade. Where's my option to re-enable my plugin, especially given that the plugin isn't a security threat.

Stupid vole installed this carp on my Firefox without my consent. I disabled both plugins, including some retarded Google plugins that also hooked up without authorization, before this story broke out.

When will stupid companies stop pushing stupid carp on our machines? And when will Mozzarella stop allowing plugins to install like that? Got malware?!?!