Topic: Serious security flaw found in IE (Shock Horror) Pages that link to <a href="https://ozoneasylum.com/backlink?for=30709" title="Pages that link to Topic: Serious security flaw found in IE (Shock Horror)" rel="nofollow" >Topic: Serious security flaw found in IE (Shock Horror)\

 
Author Thread
Tao
Maniac (V) Inmate

From: The Pool Of Life
Insane since: Nov 2003

IP logged posted posted 12-16-2008 12:25 Edit Quote

I've just been reading this on the BBC website so I thought I'd share in case there may be the odd one or two of us who were not aware of IE's shortcomings.

quote:
Users of the Microsoft's Internet Explorer are being urged by experts to switch to a rival until a serious security flaw has been fixed.

The flaw in Microsoft's Internet Explorer could allow criminals to take control of people's computers and steal their passwords, internet experts say.


[edit] adding quote[/edit]


Those who look for monsters should look to it that
they do not become monsters. For when you gaze
long into the abyss, the abyss also gazes into you.


(Edited by Tao on 12-16-2008 12:27)

Blaise
Paranoid (IV) Inmate

From: London
Insane since: Jun 2003

IP logged posted posted 12-16-2008 13:56 Edit Quote

You can lead a horse to water,
But you can't make it drink.


WebShaman
Lunatic (VI) Mad Scientist

From: The Happy Hunting Grounds...
Insane since: Mar 2001

IP logged posted posted 12-16-2008 16:06 Edit Quote

*pats his Firefox*

WebShaman | The keenest sorrow (and greatest truth) is to recognize ourselves as the sole cause of all our adversities.
- Sophocles

poi
Paranoid (IV) Inmate

From: Norway
Insane since: Jun 2002

IP logged posted posted 12-16-2008 23:28 Edit Quote

*pats anything but IE*

SleepingWolf
Paranoid (IV) Inmate

From:
Insane since: Jul 2006

IP logged posted posted 12-17-2008 01:31 Edit Quote

This part was way too funny:

quote:
Said Mr Ferguson: "If users can find an alternative browser, then that's good mitigation against the threat."

But Microsoft counselled against taking such action.

"I cannot recommend people switch due to this one flaw," said John Curran, head of Microsoft UK's Windows group.



Nature & Travel Photography
Main Entrance

CPrompt
Maniac (V) Inmate

From: there...no..there.....
Insane since: May 2001

IP logged posted posted 12-17-2008 01:48 Edit Quote
quote:

Blaise said:

You can lead a horse to water,But you can't make it drink.



Chuck Norris can

Later,

C:\

Tao
Maniac (V) Inmate

From: The Pool Of Life
Insane since: Nov 2003

IP logged posted posted 12-17-2008 02:04 Edit Quote

Or as Dorothy Parker once said.

quote:
You can lead a horticulture but you can't make her think
SleepingWolf
Paranoid (IV) Inmate

From:
Insane since: Jul 2006

IP logged posted posted 12-17-2008 03:55 Edit Quote

I'd rather have a bottle in front of me than a frontal lobotomy.

Completely OT: have you seen this:

http://bewareofthedoghouse.com/VideoPage.aspx

Nature & Travel Photography
Main Entrance

Suho1004
Maniac (V) Mad Librarian

From: Seoul, Korea
Insane since: Apr 2002

IP logged posted posted 12-17-2008 08:55 Edit Quote
quote:

CPrompt said:

quote:Blaise said:You can lead a horse to water,But you can't make it drink.Chuck Norris can Later,C:\



Chuck Norris doesn't need to lead a horse to water--he can consume all the water in a lake or river in one gulp, saunter over to the horse at will, and then piss out a stream of water that has been purified simply by being passed through his kidneys.


___________________________
Suho: www.liminality.org | Cell 270 | Sig Rotator | the Fellowship of Sup

poi
Paranoid (IV) Inmate

From: Norway
Insane since: Jun 2002

IP logged posted posted 12-18-2008 12:01 Edit Quote

Brilliant, the security hole seems to go effect all versions of IE from IE5 up to IE8b2. *sigh* one would think that a company as big as M$ has significant capacity to QA its product esp. security vectors. IE5 beta1 is more than 10 years old and some of its flaws still make their way in current versions grrrr!!

WebShaman
Lunatic (VI) Mad Scientist

From: The Happy Hunting Grounds...
Insane since: Mar 2001

IP logged posted posted 12-18-2008 15:13 Edit Quote

Well, in light of what you posted, poi, it just sickens and disgusts me that IE is still the "most used" browser out there...

Especially these days, where there are alternatives that are

A) Easy to DL and install

B) Obviously better

C) Are more standards compliant

Sometimes, I just hate people laziness.

WebShaman | The keenest sorrow (and greatest truth) is to recognize ourselves as the sole cause of all our adversities.
- Sophocles

Blaise
Paranoid (IV) Inmate

From: London
Insane since: Jun 2003

IP logged posted posted 12-18-2008 16:49 Edit Quote

Well I was shocked to find out that a friend of mine who works for IBM has a company laptop with IE 6 as the default browser.

He had only had the laptop for a few months and it had already been overrun by malware and the like.

One of the largest IT companies still using IE6, from one of their standard images, that's what is sickening.

CPrompt
Maniac (V) Inmate

From: there...no..there.....
Insane since: May 2001

IP logged posted posted 12-18-2008 17:26 Edit Quote
quote:

WebShaman said:

Sometimes, I just hate people laziness.



don't confuse laziness with ignorance. Meaning that I actually have a friend that thought to get on the internet, he had to click the big blue E. And by ignorance, I mean that people just don't know.

So are the people at fault all the time. nah.

However, our home office told us not long ago to actually use IE and I was told that they "would not support Firefox". whatever!

Later,

C:\

Blacknight
Paranoid (IV) Inmate

From: INFRONT OF MY PC
Insane since: Dec 2001

IP logged posted posted 12-18-2008 22:36 Edit Quote

Most companies do not support anything other than IE. And have a great big department dealing with all the problems occurring due to IE.

WebShaman
Lunatic (VI) Mad Scientist

From: The Happy Hunting Grounds...
Insane since: Mar 2001

IP logged posted posted 12-18-2008 23:20 Edit Quote

Yeah, love those IT departments insisting on "IE" only. We have them too, but at least FF comes as a portable version...

Hehe...

And C, in this case I really do not consider ignorance to be an excuse anymore - anyone who has access to the internet should not be pleading ignorance.

WebShaman | The keenest sorrow (and greatest truth) is to recognize ourselves as the sole cause of all our adversities.
- Sophocles

Hugh
Paranoid (IV) Inmate

From: Dublin, Ireland
Insane since: Jul 2000

IP logged posted posted 12-22-2008 13:22 Edit Quote

I find all this hype recently about IE being the devil so weird, why is it all of a sudden so main stream and why is the alternative just firefox? Can anyone get any real information about this vulnerability?

Is it something to do with Firefox now sending all of your surfing information straight to Google by default?

Tools -> Options -> Security

[x] Tell me if the site I'm visiting is a suspected attack site

[x] Tell me if the site I'm visiting is a suspected forgery

All your DNS requests are collected.

(By the way have you noticed Firefox has also added a Microsoft DRM add-on by default too).

(Edited by Hugh on 12-22-2008 13:23)

Allewyn
Maniac (V) Mad Scientist

From: Solitary confinement
Insane since: Feb 2001

IP logged posted posted 12-25-2008 18:52 Edit Quote

Yep. Noticed that. It all points to the major networks combining to serve the one world government. Too bad Opera is so unsupported. Chrome's even worse. I'm using it right now and expect everything I do to be logged and on a server somewhere immediately. The asylum isn't safe...

Wolfen
Paranoid (IV) Inmate

From: Minnesota
Insane since: Jan 2001

IP logged posted posted 01-06-2009 08:58 Edit Quote

*pets Safari* heheheheheheh.

CollaredKitty
Neurotic (0) Inmate
Newly admitted

From:
Insane since: Feb 2009

IP logged posted posted 02-15-2009 20:08 Edit Quote

At the risk of inciting some fanboy frothing, I have to point out that Firefox was the browser at the top of the list for critical vulnerabilities issued and patched in 2008 (http://blogs.zdnet.com/security/?p=2304). Criticality level is determined based on the type of vulnerability, code execution/machine access rate at high and extreme criticality. Any and all security alerts are filed under system access by default.

http://secunia.com/advisories/product/12434/?task=advisories_2008

IE has more unpatched vulnerabilities, but the reason they're unpatched is they're so insubstantial in the effect they have on the user that they aren't worth fixing.

http://secunia.com/advisories/product/12366/?task=advisories_2008

As far as critical security alerts, they are identical, primarily because it was the introduction of new attack methods that effected all browsers, not just firefox or ie.

Other reading for those interested in truly knowing what's going on with their machines follows:

http://blogs.zdnet.com/security/?p=2517
http://www.beyondtrust.com/documentation/whitePapers/wp_VulnerabilityReport.pdf
http://blogs.zdnet.com/security/?p=2419
http://www.schneier.com/blog/
http://cansecwest.com/

WebShaman
Lunatic (VI) Mad Scientist

From: The Happy Hunting Grounds...
Insane since: Mar 2001

IP logged posted posted 02-15-2009 21:13 Edit Quote

Why should any "fanbois" froth at the mouth?

The Dev Team for FF IDs and works pretty fast to fix vulnerabilities, etc for FF.

In fact, much better than M$ for IE.

WebShaman | The keenest sorrow (and greatest truth) is to recognize ourselves as the sole cause of all our adversities.
- Sophocles

reisio
Paranoid (IV) Inmate

From: Florida
Insane since: Mar 2005

IP logged posted posted 02-15-2009 23:12 Edit Quote

You find more bugs when you're allowed to look at the source code. You also patch, let me think... all of them.

sophielucky
Bipolar (III) Inmate

From: Miami
Insane since: Nov 2010

IP logged posted posted 12-22-2010 06:16 Edit Quote

You can lead a horse to water,
But you can't make it drink.

Good saying.

__________________
My Favorite Tools:
flash banner | flash menu | flash decompiler

SleepingWolf
Paranoid (IV) Inmate

From:
Insane since: Jul 2006

IP logged posted posted 12-23-2010 06:34 Edit Quote
quote:

sophielucky said:

You can lead a horse to water,But you can't make it drink.Good saying.__________________My Favorite Tools:flash banner | flash menu | flash decompiler




Completely meaningless and out of context, but what would you expect from a bot.

Nature & Travel Photography
Main Entrance



Post Reply
 
Your User Name:
Your Password:
Login Options:
 
Your Text:
Loading...
Options:


« BackwardsOnwards »

Show Forum Drop Down Menu