Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Warning -- Firefox users please read!

08 Jun 2009   #21
Ballistyx

Windows 7 RC build 7100x64 // 7260x32
 
 

Quote:
3. Delete the value named {20a82645-c095-46ed-80e3-08825760534b} from the right pane.
I done this on build 7201 and now im doing it on build 7100.. and there is no value name like that

Anyone got any ideas?

I still delete the files from the computer but the Reg file is not there at all to start with..


My System SpecsSystem Spec
.
08 Jun 2009   #22
Jacee
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

Yes, it was there on my build Win7 RC 7100. I was able to take ownership and delete the folder. Instructions were clear and concise.

I did a clean "Beta Win7" install when I had Vista Ultimate on this machine, then I did another clean install with Win7 RC 7100. I don't know if any of this matters . I haven't installed any other versions of Win7.

I installed Firefox App Version: 3.0.10 on 2009-05-06 ... so that's basicly what I've done.

I'm working with IE 8 to try and help those who use IE, tho'
My System SpecsSystem Spec
08 Jun 2009   #23
Ballistyx

Windows 7 RC build 7100x64 // 7260x32
 
 

Quote   Quote: Originally Posted by Jacee View Post
Yes, it was there on my build Win7 RC 7100. I was able to take ownership and delete the folder. Instructions were clear and concise.
hmm i wonder where mine has run off too then
My System SpecsSystem Spec
.

08 Jun 2009   #24
dmex

 

Im tempted to delete this thread permanently

Quote   Quote: Originally Posted by dmex View Post
Before anyone starts removing the plugin , they should try using a ClickOnce application to see just how Hyped this report has been...

I deploy applications via ClickOnce and there is no issue here with the way its been designed or deployed by Microsoft, they have worked on ClickOnce for the last 10 years and it has had zero security vulnerability's in its entire history, basically because the Source-Code for the .net Framework is viewable on every system using a program called Reflector (.NET Reflector, class browser, analyzer and decompiler for .NET).

Reflector is able to show you the Source Code to any .net framework based executable or dll file including the source to Microsoft's own .net Framework files, bugs and issues are found very early and if someone tried releasing a virus using ClickOnce, anyone can see the source code to their application.

Heres a screenshot of the System.Net.Security.dll found in the C:\Windows\Microsoft.NET\framework\ folder:



Heres a screenshot of an application Im developing for Sevenforums:



You can test your Firefox ClickOnce support Here: (by James Dobson)
ClickOnceTester

Testing Manual here: (by James Dobson)
FFClickOnce Testing Manual

By design, You see this security warning when applications are deployed via ClickOnce and also when the .net framework runs the application with low-rights, in that mode applications can not prompt for Elevation, can not access your entire system or make dangerous system changes.



ClickOnce applications have to request security permissions to do anything particularly nasty to your system. Yet this is not foolproof. A poor security configuration on your machine or a bug in the .NET Framework (none in the last 9 years) that could allow an application to do more than it should.

ClickOnce is blocked from being able to access system components, unless you have changed file ownership and reset file permissions to system files, then even restricted applications like ClickOnce will have full access to your system.

Seriously, ClickOnce is not a security issue unless you have changed the default security of system files
My System SpecsSystem Spec
08 Jun 2009   #25
Ballistyx

Windows 7 RC build 7100x64 // 7260x32
 
 

Quote   Quote: Originally Posted by dmex View Post
Im tempted to delete this thread permanently
Not to be rude but i dont know about other people but i seen your post and thought it was up to us if we want to remove the folders or not?

Sorry if you think im bring rude
My System SpecsSystem Spec
08 Jun 2009   #26
Faruk

Windows 7 RC build 7100
 
 

To dmex:

So in other words; there are no security flaws within the plugin?
My System SpecsSystem Spec
08 Jun 2009   #27
Mark

Windows 7 Ultimate Vista Ultimate x64
 
 

Yes that's what he was saying and I agree, there is no need to delete something just because Scaremonger made a thread about it, I hope no one makes a thread telling you to jump off a cliff .

Close the thread Dmex.
My System SpecsSystem Spec
08 Jun 2009   #28
Generator

XP Pro SP3 x86/Vista SP2 x64/Win7 x64 Triple-boot
 
 

I know I'm leaving it on my system, It's only a risk if you have messed with it default settings.. like most internet security settings, turn them off or down too much and things happen without telling or asking you.

I'm leaving it on because I develop for the web too and it's already had updates etc.
My System SpecsSystem Spec
08 Jun 2009   #29
dmex

 

Quote   Quote: Originally Posted by Ballistyx View Post
Not to be rude but i dont know about other people but i seen your post and thought it was up to us if we want to remove the folders or not?

Sorry if you think im bring rude
If you change or remove a single thing in \Microsoft.NET\Framework\ other than the DotNetAssistantExtension folder as others here have done, you will create an unknown amount of security vulnerability's and invalidate the Code Access Security used by .NET!

Clickonce deployment is restricted with low access rights, If UAC is disabled then it runs with that user's highest available access otherwise it runs with very resticted permissions and can not access your system.

Quote   Quote: Originally Posted by Faruk View Post
To dmex:

So in other words; there are no security flaws within the plugin?
None what so ever in its entire History.

The applications you download and use right now are Granted Full Trust, ClickOnce grants a very Limited set of permissions.

ClickOnce Can Not:
Install/Modify System Files
Install Drivers
Install Global Assembly Cache extensions
Install for Multiple Users
StartUp Automatically
Register/Modify FileTypes
Access/Modify the Registry
Patch/Modify any System Files, other Application Files or your Files
Install itself anywhere other than the ClickOnce application cache

Warning -- Firefox users please read!-clickonce.jpg

You can also view the source-code for any ClickOnce deployed application using Reflector.

It's only a risk if you have messed with it default settings!!!


My System SpecsSystem Spec
08 Jun 2009   #30
holo88

Windows 7 Ultimate x32
 
 

so, s%#t. how do i reinstall it
i dont even know where it came from, to be honest...
My System SpecsSystem Spec
Closed Thread

 Warning -- Firefox users please read!




Thread Tools




Similar help and support threads
Thread Forum
Warning 1909 Can't create .lnk due to read only setting problem
The C:\Users\All Users\Microsoft\Windows\Start Menu\Programs file is set to read only. Every effort to change this setting has failed, it always reverts back to read only. Cause of: "Warning 1909 Could not create shortcut.lnk Verify that the destination folder exists and that you can access it."...
General Discussion
windows 7 warning for outlook express users
I had to move up, should I say down, to Windows 7 from XP a few weeks back. If I had the time, I would have a bought another XP computer, but I had to have one that day and a problem forced me to get Windows 7. Unfortunately, it's worse than XP in many ways and I can't believe MS did it again. They...
Browsers & Mail
Ipod users / MP3 users -- Read this
Hi all I think anybody who like music knows this already but on a BLIND TEST 8 out of 10 people preferred the sound quality on Older gear with CD quality rtaher than the mp3 IPOD quality. BBC NEWS | Programmes | Working Lunch | Is the iPod generation missing out? enjoy. cheers jimbo
Chillout Room
Sharing a quick warning for steam users
Hi all Thought i would share this with u all, just incase. Please all steam users scan your PC. This is what virus i found last night, strange thing is i havent downloaded anything recently which makes me think it may be one of them time virus things. I tried to delete the following virus...
Gaming


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 16:54.
Twitter Facebook Google+ Seven Forums iOS App Seven Forums Android App