What exactly is Microsoft trying to do to Firefox on my system?
Wednesday, October 10th, 2007 — 3:05am (PDT)
When I was loading some bookmarked comics into tabs at 2:15 this morning, a Symantec warning window (it just said "Symantec", not Norton AntiVirus) popped up with the following "Program Alert" for a security threat it deemed "Low Risk":
A remote system is attempting to access firefox on your computer.
Yes, with "firefox" in lower case.
The details section listed the offending remote address as 207.46.209.168:5004 and under "What do you want to do?", the corresponding menu was set to "Allow always (recommended)" with no indication of why Symantec recommends that I always allow unexpected connections of any kind from unknown computers.
Here is a window-capture of the Symantec window itself plus ugly gray corners added by Windows Vista's built-in Alt+PrtScn window-capturing system:
Since always allowing unexpected connections from unknown computers sounds like a pretty stupid idea to me, I opted for blocking the attempt instead.
Blocking the attempt was not enough for me, though; I wanted to know who was trying to access Firefox on my system. I wondered if it might be some hackery originating from Ctrl+Alt+Del—the first of the alphabetically sorted comics I was loading and the only one that did not actually load and so seemed by circumstance to have just been blocked by Norton AntiVirus. However, a quick lookup resulted in a rather surprising answer to who owns 207.46.209.168: Microsoft!
What exactly is Microsoft trying to do to Firefox on my system? And if I were using Microsoft's own anti-virus software instead of Symantec's horrible, but occasionally useful Norton AntiVirus, would it have warned me? Why should I trust Microsoft or Symantec about this?
