MAJOR Security Flaw in Internet Explorer!

[3113]

Yikes!

The major press outlets are abuzz this morning with news of a major new security flaw that affects all versions of Internet Explorer from IE5 to the latest beta of IE8. The attack has serious and far-reaching ramifications -- and they're not just theoretical attacks. In fact, the flaw is already in wide use as a tool to steal online game passwords, with some 10,000 websites infected with the code needed to take advantage of the hole in IE.

Virtually all security experts...are counseling users to switch to any other web browser -- none of the others are affected, including Firefox, Chrome, and Opera -- at least for the time being, though Microsoft has stubbornly said it "cannot recommend people switch due to this one flaw." Microsoft adds that it is working on a fix but has offered no ETA on when that might happen. Meanwhile it offers some suggestions for a temporary patch, including setting your Internet security zone settings to "high" and offering some complicated workarounds. (Some reports state, however, that the fixes do not actually work.)

Expedient patching or switching are essential. Security pros fear that the attack will soon spread beyond the theft of gaming passwords and into more criminal arenas, as the malicious code can be placed on any website and can be adapted to steal any password stored or entered using the browser. It's now down to the issue of time: Will Microsoft repair the problem and distribute a patch quickly enough to head off the tsunami of fraud that's about to hit or will it come too late to do any good

Well. This isn't good.

 

[TxRad]

Yikes!

Well. This isn't good.

As Weird Harold said in the other thread on this same subject, IE and Security Flaw have been synonymous from the beginning.

Thanks the Gods for Firefox.

 

[Liar]

Does people use IE?

It seems to me a bit like, I dunno, writing your smut in Notepad.

 

[slyc_willie]

Does people use IE?

It seems to me a bit like, I dunno, writing your smut in Notepad.

I's be usin' th' Fox meself.

Seriously, I was a diehard IE user until the SO moved in and edumacated me.

 

[Lee Chambers]

I'm not sure how bad this security flaw is. I play World of Warcraft and only a few weeks ago my account was hacked. I had no idea how it happened because I don't give out my info for that account but then another friend who plays told me about this. There has recently been a rash of account hackings in the game and my concern is that you don't have to actually run IE in order for the loophole to affect you. And, true to Microsoft style, you can't remove IE because it's built into the damn OS.

 

[impressive]

I can't stand IE. The more I use Chrome, the more I likes it. Still primarily a Firefox user, though.

It would seem, from watching the Windows Task Manager, that Chrome is the most efficient when it comes to resources.

 

[Fallenfromgrace]

When i upgraded my laptop, i didnt bother to dl firefox, because i got used to the userability of IE. I think i'll go DL it now...

 

[DesertPirate]

Never did use IE, used Netscape until Firefox came along
Something about the idea of Gates telling me what "had" to be on "my" computer never has sat right

About 70% of all windows vulnerabilities are rooted in IE, that shoud be enough reason to avoid it

 

[cloudy]

Never did use IE, used Netscape until Firefox came along

Same here.

 

[Pure]

supposedly a patch is coming out today, wed.

 

[Hooper_X]

That's bad in that most people use IE, and therefore this might lead to Internet Congestion, e.g. if this thing spawns a massive bot-net. Personally though, I haven't used IE since the mid-late 1990s.

 

[Hooper_X]

Never did use IE, used Netscape until Firefox came along

Which browser were you using before that? I was a Lynx man myself.

 

[Hooper_X]

I can't stand IE. The more I use Chrome, the more I likes it.

I like elegant simplicity of both Chrome and Opera... on paper. Unfortunately, as an extension and grease-monkey junkie, they are useless to me in practical application.

 

[Stella_Omega]

I like elegant simplicity of both Chrome and Opera... on paper. Unfortunately, as an extension and grease-monkey junkie, they are useless to me in practical application.

Yeah, I love Firefox's extensions-ability.

unfortunately, this version-- 3.0.4 for OS X-- seems awfully buggy. On my to do list today, is a complete deinstall and reinstall. I haven't DLd chrome, think I might try it...

(ETA) not for mac yet.

 

[Hooper_X]

unfortunately, this version-- 3.0.4 for OS X-- seems awfully buggy.

I must be lucky. I've never had a problem with Firefox even loaded with extensions and grease monkey scripts... well, never a probable that reinstalling (with a fresh profile) didn't fix.

 

[epiphany65]

This is another good example of why I too switched to Firefox years ago.

 

[Stella_Omega]

I must be lucky. I've never had a problem with Firefox even loaded with extensions and grease monkey scripts... well, never a probable that reinstalling (with a fresh profile) didn't fix.

dammit. How do I delete my old profile, and what files can I keep and replace, do you think? Bookmarks, and passwords-- what about browsing history?

 

[epiphany65]

dammit. How do I delete my old profile, and what files can I keep and replace, do you think? Bookmarks, and passwords-- what about browsing history?

You can switch to Forefox from IE with little or no pain. They have a page for IE users that explains how all of your settings can be imported so everything will be saved. Here's the page:
http://support.mozilla.com/en-US/kb/For+Internet+Explorer+Users?style_mode=inproduct

My previous post has a link from where you can download.

 

[Hooper_X]

dammit. How do I delete my old profile, and what files can I keep and replace, do you think? Bookmarks, and passwords-- what about browsing history?

I haven't a clue as to where a FF profile would be on a Mac.
Here's a page that probably has the answer...

http://support.mozilla.com/en-US/kb/Profiles

You can either back up or export your bookmarks.

You can use the infolister extension to save a list of your extensions.

Passwords???? I don't save a lot of passwords. I use the iMacros extension to log into sites (and a million other repetitive tasks) and those are saved with the bookmarks.

 

[Stella_Omega]

I haven't a clue as to where a FF profile would be on a Mac.
Here's a page that probably has the answer...

http://support.mozilla.com/en-US/kb/Profiles

You can either back up or export your bookmarks.

You can use the infolister extension to save a list of your extensions.

Passwords???? I don't save a lot of passwords. I use the iMacros extension to log into sites (and a million other repetitive tasks) and those are saved with the bookmarks.

This is where a little learning is a dangerous thing... i don't know nothing about iMacros! man, I love meeting people who know more than me, I really do! If only I knew the questions to ask you!

 

[Hooper_X]

This is where a little learning is a dangerous thing... i don't know nothing about iMacros! man, I love meeting people who know more than me, I really do! If only I knew the questions to ask you!

iMacros is an extension that lets you record repetitive tasks (like signing into a web site or emailing a particular person and opening the email with "Hey, Fuck-face.") You simply press the record button, then do whatever it is that you want iMacros to do automatically. The extension writes a script to do it. When you want to do that thing again, you just hit the iMacro button and select whichever macro you need. Then stuff just starts happening... like magic.

I'm guessing that iMacros was ripped off of some Mac software or OSX itself.


https://addons.mozilla.org/en-US/firefox/search?q=imacros&cat=all

 

[TxRad]

iMacros is an extension that lets you record repetitive tasks (like signing into a web site or emailing a particular person and opening the email with "Hey, Fuck-face.") You simply press the record button, then do whatever it is that you want iMacros to do automatically. The extension writes a script to do it. When you want to do that thing again, you just hit the iMacro button and select whichever macro you need. Then stuff just starts happening... like magic.

I'm guessing that iMacros was ripped off of some Mac software or OSX itself.


https://addons.mozilla.org/en-US/firefox/search?q=imacros&cat=all

The original imacros became popular with Works for windows and originated in Dos under another name that my old brain won't spit out.

 

[NoJo]

Thanks for the warning. Switching to Firefox until the patch is available.

I use different browsers all the time, and generally I use I.E. because of its slightly quicker and slicker page-rendering than rivals.

Before knocking I.E. it's well to remember that Dynamic HTML and Ajax, two foundations of Web 2.0, were part of Internet Explorer long before they were available in other browsers.

Ive had to rescue infected computers where the infection came through Firefox (actually through the Google Toolbar for Firefox).

 

[fifty5]

M$ integrated IE (and Outlook) to undermine independent offerings for web-browsing and email.

Since day 1, they've both been targeted by the spam and virus brigade.

Anyone, IMHO, who uses either IE or Outlook is ignorant of the consequences - and the firewall and ant-virus industries have been built on that foundation.

As a Web author, one must still make web designs accessible to IE, not because it's good, but because a huge number of users actually are ignorant of the costs.

More, M$ built in to their whole Web thing a number of proprietary defects (hidden from users) intended to make Netscape, etc. look broken. (Particularly the use of '\' instead of '/'.)

Further, M$ have steadily added non-standard functions - without ensuring that they were exploit-resistant - for exactly the same monopolistic reasons.

This topic really isn't news!

 

[DesertPirate]

Which browser were you using before that? I was a Lynx man myself.

I started with Netscape

Before Bill boy even thought of IE