A Windows XP help forum. PCbanter

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

Go Back   Home » PCbanter forum » Microsoft Windows XP » General XP issues or comments
Site Map Home Register Authors List Search Today's Posts Mark Forums Read Web Partners

Serious security flaw found in IE



 
 
Thread Tools Display Modes
  #1  
Old December 17th 08, 11:15 PM posted to microsoft.public.windowsxp.general,microsoft.public.windows.vista.general,microsoft.public.windows.inetexplorer.ie6.browser,microsoft.public.security.homeusers
external usenet poster
 
Posts: n/a
Default Serious security flaw found in IE

Shouldn't You Rub Da Lamb Chop On Da Baboon To Increase Da Jerking Off
Count?


"measekite" wrote in message
...
On Tue, 16 Dec 2008 08:59:02 -0500, Alan wrote:

Here's a News Article carried today by the BBC at
http://news.bbc.co.uk/2/hi/technology/7784908.stm

Serious security flaw found in IE

Users of Microsoft's Internet Explorer are being urged by experts to
switch
to a rival until a serious security flaw has been fixed.


One should not be surprised by that garbage program.

The flaw in Microsoft's Internet Explorer could allow criminals to take
control of people's computers and steal their passwords, internet experts
say.

Microsoft urged people to be vigilant while it investigated and prepared
an
emergency patch to resolve it.

Internet Explorer is used by the vast majority of the world's computer
users.


"Microsoft is continuing its investigation of public reports of attacks
against a new vulnerability in Internet Explorer," said the firm in a
security advisory alert about the flaw.

Microsoft says it has detected attacks against IE 7.0 but said the
"underlying vulnerability" was present in all versions of the browser.

Other browsers, such as Firefox, Opera, Chrome, Safari, are not
vulnerable
to the flaw Microsoft has identified.

Browser bait

"In this case, hackers found the hole before Microsoft did," said Rick
Ferguson, senior security advisor at Trend Micro. "This is never a good
thing."

As many as 10,000 websites have been compromised since the vulnerability
was
discovered, he said.

"What we've seen from the exploit so far is it stealing game passwords,
but
it's inevitable that it will be adapted by criminals," he said. "It's
just a
question of modifying the payload the trojan installs."


Said Mr Ferguson: "If users can find an alternative browser, then that's
good mitigation against the threat."

But Microsoft counselled against taking such action.

"I cannot recommend people switch due to this one flaw," said John
Curran,
head of Microsoft UK's Windows group.

He added: "We're trying to get this resolved as soon as possible.

"At present, this exploit only seems to affect 0.02% of internet sites,"
said Mr Curran. "In terms of vulnerability, it only seems to be affecting
IE7 users at the moment, but could well encompass other versions in
time."

Richard Cox, chief information officer of anti-spam body The Spamhaus
Project and an expert on privacy and cyber security, echoed Trend Micro's
warning.

"It won't be long before someone reverse engineers this exploit for more
fraudulent purposes. Trend Mico's advice [of switching to an alternative
web
browser] is very sensible," he said.

PC Pro magazine's security editor, Darien Graham-Smith, said that there
was
a virtual arms race going on, with hackers always on the look out for new
vulnerabilities.

"The message needs to get out that this malicious code can be planted on
any
web site, so simple careful browsing isn't enough."

"It's a shame Microsoft have not been able to fix this more quickly, but
letting people know about this flaw was the right thing to do. If you
keep
flaws like this quiet, people are put at risk without knowing it."

"Every browser is susceptible to vulnerabilities from time to time. It's
fine to say 'don't use Internet Explorer' for now, but other browsers may
well find themselves in a similar situation," he added.



Ads
 




Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is Off
HTML code is Off






All times are GMT +1. The time now is 09:51 PM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Copyright ©2004-2024 PCbanter.
The comments are property of their posters.