A security update for a Microsoft Windows component installed on tens of millions of computers has quietly installed an extra add-on for Mozilla's Firefox Web browser.

It all started earlier this year, when Redmond shipped a bundle of updates known as a "service pack" for a programming platform called the Microsoft .NET Framework. The service pack for the .NET Framework, like other updates, was pushed out to users and apparently it automatically installed its own Firefox add-on that is difficult if not dangerous to kill.

According to Annoyances.org, "this update adds to Firefox one of the most dangerous vulnerabilities present in all versions of Internet Explorer: the ability for Web sites to easily and quietly install software on your PC."

While it is not quite as doomsday as that, it might be pretty annoying for those anti-internet exploder issuers to find that their beloved Firebadger has been stroked by the hand of Steve Ballmer. To make matters worse Microsoft has disabled the "uninstall" button on the extension and the only way to fix it is to modify the Windows registry.

The question is why Microsoft did not run the add-on like every other company in the world through the Mozilla site. Then it would be honest, and not sail up anyone's nasal passages. However as it is it must make some people wonder if they can trust Redmond to install security patches that will not interfere with other aspects of their machines.