Back in February of 2009, Microsoft released a very sneaky and quiet update to Windows. The update was a firefox add-on that was added automatically. It’s labelled ‘Microsoft .NET Framework Assistant,’ and it ‘Adds ClickOnce support and the ability to report installed .NET versions to the web server.’
The Microsoft engineers described the possible threat as a “browse-and-get-owned” situation that only requires attackers to lure Firefox users to a rigged Web site.