Uninstalling the Clickonce Support for Firefox


A couple of years ago we heard clear feedback from folks that they wanted to enable a very clean experience with launching a ClickOnce app from FireFox.  James Dobson  published FFClickOnce and got very good reviews, but we had many customers that wanted ClickOnce support for Firefox built into the framework… so in .NET Framework 3.5 SP1 we added ClickOnce support for Firefox!     This made ClickOnce apps much more accessible to a wide range of customers.   


 


We added this support at the machine level in order to enable the feature for all users on the machine.  Seems reasonable right?  Well, turns out that enabling this functionality at the machine level, rather than at the user level means that the “Uninstall” button is grayed out in the Firefox Add-ons menu because standard users are not permitted to uninstall machine-level components.  



 



Clearly this is a bit frustrating for some users that wanted an easy way to uninstall the Clickonce Support for Firefox.  But good news!  We have a fix in place (enabling each user to uninstall the feature for themselves) and our testing team is making sure that is rock-solid now.. I expect that to be out in the next few weeks.   I’ll be sure to post more information on that when I have it. 


 


Update (5/2009):  We just release an update to .NET Framework 3.5 SP1 that makes the firefox plug in a per-user component.  This makes uninstall a LOT cleaner.. none of the steps below are required once this update is installed. 


 


Update to .NET Framework 3.5 SP1 for the .NET Framework Assistant 1.0 for Firefox



In .NET Framework 3.5 SP1, the .NET Framework Assistant enables Firefox to use the ClickOnce technology that is included in the .NET Framework. The .NET Framework Assistant is added at the machine-level to enable its functionality for all users on the machine. As a result, the Uninstall button is shown as unavailable in the Firefox Add-ons list because standard users are not permitted to uninstall machine-level components. In this update for .NET Framework 3.5 SP1 and in Windows 7, the .NET Framework Assistant will be installed on a per-user basis. As a result, the Uninstall button will be functional in the Firefox Add-ons list. This update will also make this version of the .NET Framework Assistant for Firefox compatible with future versions of the Firefox browser. Updates to the .NET Framework Assistant may include updates to the Windows Presentation Foundation Plug-in for Firefox causing it to be enabled upon its initial update.


 ————————————————–


 


In the meantime, if you want to disable the Clickonce Support for Firefox here are the steps directly from the dev in charge.. 


 


Stop-gap Solution To uninstall the ClickOnce support for Firefox from your machine


 


1) Delete the registry key for the extension


i.                     From an account with Administrator permissions, go to the Start Menu, and choose ‘Run…’ or go to the Start Search box on Windows Vista


ii.                   Type in ‘regedit’ and hit Enter or click ‘OK’ to open Registry Editor


iii.                  For x86 machines, Go to the folder HKEY_LOCAL_MACHINE > SOFTWARE > Mozilla > Firefox > Extensions


For x64 machines, Go to the folder HKEY_LOCAL_MACHINE > SOFTWARE > Wow6432Node > Mozilla > Firefox > Extensions


iv.                 Delete key name ‘{20a82645-c095-46ed-80e3-08825760534b}’


 


    OR alternatively


i.                     Open a command prompt window (must be ‘run as Administrator’ on Vista and later)


ii.                   Copy and paste the appropriate command below and hit ‘Enter’


             For x86 machines:
                  reg DELETE “HKLM\SOFTWARE\Mozilla\Firefox\Extensions” /v “{20a82645-c095-46ed-80e3-08825760534b}” /f


             For x64 machines:
                 reg DELETE “HKLM\SOFTWARE\Wow6432Node\Mozilla\Firefox\Extensions” /v “{20a82645-c095-46ed-80e3-08825760534b}” /f


 


2) Reset the changes made to the Firefox user agent


                i. Launch Firefox, go to the Firefox address bar and type in ‘about:config’


                ii. Scroll down or use ‘Filter’ to find Preference name ‘general.useragent.extra.microsoftdotnet’


                iii. Right-click on the item and select ‘reset’


                iv. Restart Firefox


 


3) Remove the .NET Framework extension files


                i. Go to the Start Menu, and choose ‘Run…’ or go to the Start Search box on Windows Vista


                ii. Type in ‘explorer’ and hit Enter or click ‘OK’


                ii. Go to ‘%SYSTEMDRIVE%\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\’


                iii. Delete the ‘DotNetAssistantExtension’ folder and all its contents


 


 

ClickOnceFireFox.jpg

Comments (36)

  1. Paw says:

    How do I install the Microsoft .NET Framework Assistant?

    I installed .net 3.5 SP1 on my machine before I installed Firefox, which means that Microsoft .NET Framework Assistant is not present as an add-on in Firefox.

    Can anybody help?

  2. Link Listing – February 26, 2009

  3. Podcasts Recording of Sebastien Lambla @ E-VAN 25 February 2009 [Via: Jan Van Ryswyck ] DNN Change…

  4. What's New says:

    A couple of years ago we heard clear feedback from folks that they wanted to enable a very clean experience

  5. Seth D says:

    The right way would have been to just publish the add-on at https://addons.mozilla.org/en-US/firefox/

  6. buzz says:

    Εξεζητημένο, αλλά ας βρίσκεται.

  7. Javier C says:

    I agree with Seth, you did something quite irritating and that personally reduced more my trust in Microsoft.

  8. Adam says:

    People just need to chill out.  It happened, it’s being fixed.  The better way would have made it an optional update or an opt-in checkbox on the SP1 install.

  9. Thank you for submitting this cool story – Trackback from DotNetShoutout

  10. cmroanirgo says:

    Adam, I think you missed the point. This addon should never have been installed in the first place, and it is that issue that Seth and Javier C is most likely commenting on.

    The auto installation borders on malware. In fact, I now regularly check my Firefox addins after installing Microsoft products, just for the pleasure of disabling them:

    2007 Microsoft Office system

    Windows Presentation Foundation

    …just to name the two ‘addons’ installed on my machine that have ABSOLUTELY no place in firefox.

    I agree that trust in Microsoft is dwindling rapidly.

    FYI. I have been developing products for windows since windows 3.0.

  11. btshaw says:

    I have both IE and FF installed and use FF unless I absolutely have to use IE.

    My question is, if I follow the delete info given above to "uninstall the ClickOnce support for Firefox" (NET.framework), does this mean the NET.framework support for IE will also be gone?

    Thanks.

    BT SHaw

  12. Bill says:

    These uninstall steps are a joke.

    I agree with Seth.  MS can certainly make an addon available like everybody else or else directly negotiate with the Firefox developers to make it part of the standard install.  Just adding it to another program without user authorization certainly crosses the line.

    Again this is an example of MS not respecting it’s users and simply doing whatever it wants.

  13. BradA says:

    Paw – THe .NET Framework Assistant is installed as part of the .NET Framework 3.5 SP1 install.  If you don’t see it you can do a repair on the .NET Framework 3.5 install.   the order of install of FireFox and .NET Framework 3.5 SP1 should not mater.  

    btshaw –  The CO support for IE will NOT be uninstalled by following these steps, so you should be OK

  14. prc says:

    Yet once again MS is TOO big for it’s britches.

    I prefer that I get to decide what gets added to my Firefox installation. WTF were you folks thinking?!

    Show some respect before you go mucking about with a non-Microsoft application.

    You have the right to Fup any of your apps but you’ve crossed the line here (yet again)

  15. Fazal Majid says:

    It’s bordering on malware all right. On the wrong side of the border.

    Installing this garbage without the user’s permission is simply inexcusable. The fact that this ClickOnce functionality allows the installation of native apps from a web browser makes it a security hole to be banned from my systems like ActiveX, not something to be desired.

    Are you trying to get Adobe to join in on the "hit the MS pinata at the European Commission" bandwagon? With this action, they can make the case that MS is leveraging the Windows monopoly to compete unfairly with Flash and in the RIA space. In fact, if they did, they would have a good likelihood of succeeding.

  16. Dave Spart says:

    ‘We added this support at the machine level in order to enable the feature for all users on the machine.  Seems reasonable right?’

    Er, no, it seems completely unreasonable to most people and probably criminal.

  17. aduh says:

    ‘We added this support at the machine level in order to enable the feature for all users on the machine.  Seems reasonable right?’

    Sounds good to me. Since I don’t know what its good for, maybe some other… erm… "users" will find a use for it.

  18. Scott says:

    Don’t install garbage without a users consent and then make it where it has to be manually removed.  This pissed people off bigtime, like ME!

  19. Scott AGAIN says:

    Sorry…What I am referring to is the Firefox extension you added with .NET with some update for windows, in which you DID NOT ASK if the user wanted this extension or not!

  20. Chris says:

    Obviously, everyone is already aware that this was a ridiculous move from Microsoft. (as evidenced by the author’s link to the slashdot article, and all the comments here).

    In any case, here’s another "Amen" for Seth D’s comment on Feb 27. Firefox add-ons belong at addons.mozilla.org.

    Opt-in = happy users.

    Not bothering to ask = angry users.

  21. Bander Me says:

    "We added this support at the machine level in order to enable the feature for all users on the machine.  Seems reasonable right?"

    No. It is not reasonable. You are abusing your power of running updates at a system level that many users (in particular in corporate environments) have no control over. Those users, who may have chosen Firefox in order to avoid dangerous exposure to inherently insecure technologies like ActiveX are now not only incapable of removing that extension, they are exposed to the very danger they are trying to avoid – unauthorized random installations of code into an insecure operating system.

    Seems reasonable? No, Sir. There is nothing reasonable about

    a) Not telling users that you are installing something as dangerous as ClickOnce (there is no reason to expect Microsoft to have learned much of a lesson about making Windows secure)

    b) Not giving them the option to opt-out

    c) Not allowing them to remove such a dangerous component.

    There is NOTHING reasonable about this.

  22. Rob J says:

    I agree with most comments that it shouldn’t have been installed the way it was.

    One question seems to have not been covered. If you actually want this add-on, but want it as a user level add-on (like most of them are) is there a way to install it that way? Click-once is not evil if you have to roll out new versions of your application to many users on a regular basis – the key is to not be sneaky about it – user dialogs, event log entries, etc… are all in order. Some folks just don’t have the skill to download and install an app, it just has to work.

    There are legitimate reasons to want a machine level install (company wide policy for instance), why not provide instructions to install that way and leave it up to an administrator to roll out that way if they want to, but keep the user mode install the default?

  23. Anon says:

    They did it on purpose with the intention of making Firefox suffer from security issues as much as IE. Functioning as intended, move along and carry on with your business.

  24. PK says:

    Dubious behavior has such doesn’t endear the MS behemoth any more to an informed public.

    There are NO guarantees on MS remaining here FOREVER/PERMANENTLY.  Ozymandias.

    And continuing to execute brazen tactics as such will result in an exodus to a competitor that offers a well-priced, less intrusive product if/when the time comes.  Brand loyalty.  Gimme a break.  NO ONE shouts I heart MS from the top of a skyscraper.  This is a company that wins strictly by default and not b/c it’s actually producing good work.

    Brazilian government favoring Linux over MS on their machines – then MS offering a minimal version of their OS at a reduced price?  For fear of losing sales and profit.

  25. Eddie says:

    individual user: they can install this as an user add on, if they want to

    Corp users: sys admins can decide if this junk gets deployed or not

    What the heck MS doing butting in?

    next time come up with a better excuse. you could have just said, my dog eat my code.

  26. ThermIt says:

    The only mistake of Microsoft is what they added it to the "addons" page. If they would add something to the "plugins" page nobody would notice it.

  27. ThermIt says:

    Oh, sorry, "addons" means "extensions"

  28. annoyed says:

    I hope that Mozilla release a patch in the next Firefox that removes your extension.

    i dont want you installing crap into my machine without my consent.  The reason I use FF is that IE is a huge insecure POS and insecure as hell.  If I wanted an insecure browser, I would use m$ crap.

  29. Silvr says:

    According to annoyances.org (http://www.annoyances.org/exec/show/article08-600)

    "This update adds to Firefox one of the most dangerous vulnerabilities present in all versions of Internet Explorer: the ability for websites to easily and quietly install software on your PC."

    Question is :

    Is the above statement true. Is Brad Adams or anyone from Microsoft able to disprove it.

    I respect this site since it gave me a lot of help for a lot of stuff microsoft had long-since discontinued support for, and it has provided me great troubleshooting advice.

    I agree with other comments that this  secret install borders on the level of malware.(Sony anyone?)

    It was stupid on Microsofts part for the following reasons :

    1. Risking flak from security community and firefox community(if this indeed creates vulnerabilities in firefox)

    2. Add the fact this was install without any user notification or consent. All my other plugins and extensions were installed with permission from me.

    3. Risk antitrust allegations for using microsoft update to promote microsoft products over other(java).

  30. Silvr says:

    oops.. sorry for mispelling your name Brad.

  31. K says:

    Makes you wonder what else MS is installing without your knowledge…?

  32. Pat says:

    I’m pretty protective about my computer.

    The moment you start letting companies install whatever they want… is when you start getting bugs and malware creeping in.

    Microsoft Update told me it would give me a critical update to the .NET framework. No notification, even in the fine print, about a Firefox add-in.

    You raped my virgin daughter and then said, "But I thought I told you I was taking her out for a date? And you weren’t going to take her anyway, so who cares?" Listen, I don’t care what your excuse is, I want to KNOW and CONSENT before you interfere with my precious love.

  33. mary Ung says:

    Dear Brad,  

    thank you so very much for further insight into MS thinking …

    obviously you don’t believe what you say  …

    a bit like BUSH ….

    for you though, you just write what you are paid to do …

    having read your page, we are convinced to staying on and recomending illegale copies as MS yet has shown it abuses its paying customers

    thank you again

  34. With Firefox, I just went to download a certain new version 2.0 web browser and and was surprised that

  35. spatieman says:

    cool featue of spyware.

    when will there be a MS update that removes firefox, and forces all users to use internet explorer.

    so that machine can FASTER infected with virussus.

    dont forget one thing, any stupid user (99%) just click on anything thet get below  there mouse..

  36. dan's blog says:

    Digg links an article from The Washington Post’s blogs explaining that the last MS .NET update, delivered via Windows Update, silently installed a Firefox extension. I wasn’t aware of it but I found it on my work PC too! Uninstallation is pretty com..