Microsoft seems to think that there is a phishing attack getting the user credentials or this is the work of a virus/worm. My guess is that it is a full on assault on Hotmail using both methods. Just today I received an email from a known contact with this in the body:

Hello,
So amazing!I ordered one black apple iphone 3gs 32gb from this website [link removed] www.savyou.com one weeks ago,today I’ve got it .Far from my  imagination, it’s genuine and as good as I expected,but much cheaper.I can’t help sharing this good news with you! May all goes well for you.Cheers!
Jay

An interesting part to this email is that this is a standard closing that this person uses, perhaps in a signature file. At the end of the day this becomes a nightmare to email system administrators. This is a significant amount of spam coming from a previously trusted source. I have not tested out the link that I removed above but I am guessing that if I visit that site there will be a drive by download of a virus or trojan.

My preferred free web based email  service is Gmail, it may be time for every loyal Hotmail user to consider switching.

By clicking on the “Reports” button, you can find a lot of useful information about your email account like how many spam messages you received or how many emails you received last week.  Another new exciting feature is the ability for us to skin your domain account to look and feel like your website.

Most of the changes are behind the scenes, but the enhancements to the interface should make for a more user-friendly experience.  The new software allows us better control over spam and enhances security so that we can stop more threats from ever reaching our mail server.  The new software also allows new reporting features that help domain administrators set up notification reports which let users know how much space they are using or how many emails a user is sending out.

If you would like information on how to use any of these new features, please contact our support department at 919-518-0670 option 8 or support@atlanticbt.com.

This update adds to Firefox one of the most dangerous vulnerabilities present in all versions of Internet Explorer: the ability for websites to easily and quietly install software on your PC.

To make matters worse, as you can see in the image, the uninstall option common in Firefox Add-ons is not available in this “add on.”

Tech Republic has an interesting quote from Brad Adams that explains in its first iteration this was installed at the machine level which meant that it would be available to all users on the system, but not available for uninstall at the user level. Microsoft has reportedly released another “update” that makes this “add-on”  a user level component. As you can probably guess this means that you not only have to rip it out for your user account but also all the other user accounts on the system.

So for those of you brave enough to follow the uninstall instructions at Annoyances.org and actually change the registry to remove this uninvited vulnerability from your Firefox install (it’s not that bad as long as you know how to launch regedit); whats to say this is the end of these types of shenanigans, from Microsoft.  The rub here is that if you read what was changed with the service pack there was no mention of this add-on, Firefox or anything called .Net Framework one click assistant.

If you are like me and have been putting off getting this gaping security hole closed up do not wait any longer, it only takes a minute or two.

This is one move that makes one wonder to what end will Microsoft go before they realize they have simply been outclassed and lost the browser war, post questions in the comments if you have some.