An add-on that Microsoft silently slipped into Mozilla’s Firefox last February leaves that browser open to attack, Microsoft’s security engineers acknowledged earlier this week.

via Sneaky Microsoft plug-in puts Firefox users at risk ( – Internet – Software – Security ).

I suppose somewhere in Microsoft’s licensing language there is an acknowledgment and release of liability for actions like this. Even so, I certainly don’t think most Microsoft customers expect updates to so directly compromise 3rd-party programs like Firefox  —  and I wonder what Microsoft’s legal responsibility would be, even with their licensing language, should this kind of action truly result in a major loss?