Recently some friends mentioned that they saw Firefox had block-listed some Microsoft WPF\ClickOnce add-ons. As Mike Shaver (VP Engineering for the Mozilla) noted in his blog post, this action is the result of Mozilla and Microsoft working together to protect customers in relation to Security Update MS09-054.
I think it is very important for Microsoft and Mozilla to collaborate so actively to help protect customers… in this case we all agreed it made sense to add the Microsoft add-in to the block-list. We also heard clearly that many customers, especially enterprise customers are relying on this add-on for their daily work. As such Mozilla and Microsoft are working together to give these customers the best possible experience. Like Mike mentioned, as we learned more about MS09-054, we felt mutually good about re-enabling the clickonce addon and as this security fix hits market saturation, we expect to feel comfortable with re-enabling the WPF add-on as well.
We’ve heard loud and clear from customers how we need to work better with Mozilla around how our plug-ins and add-ons interact with Firefox. And I can promise you that our group will continue to collaborate with Mozilla to more proactively notify them of the effect of updates in the future to help ensure customers have interoperable solutions for their business needs.
I’d like to thank Mike and his team at Mozilla for their great work on this issue and look forward to working with them in the future.