Bigbruin.com
Home :: Reviews & Articles ::
Forum :: Info :: :: Facebook :: Youtube :: RSS Feed
Search  :: Register :: Log in
"Major flaw revealed in Internet Explorer...."
Go To Page 1, 2  Next
Post new topic   Reply to topic    Bigbruin.com Forum Index -> Software
View previous topic :: View next topic  
Author Message
FOX
I <3 Quail


Joined: 15 Nov 2004
Posts: 2074
Location: Saint Cloud, MN

PostPosted: Wed, 17 Dec 2008 00:06:01    Post Subject: "Major flaw revealed in Internet Explorer...." Reply with quote View Single Post

anyone else see this?

http://tech.yahoo.com/blogs/null/111811

Quote:

"Major flaw revealed in Internet Explorer; users urged to switch"

The major press outlets are abuzz this morning with news of a major new security flaw that affects all versions of Internet Explorer from IE5 to the latest beta of IE8. The attack has serious and far-reaching ramifications -- and they're not just theoretical attacks. In fact, the flaw is already in wide use as a tool to steal online game passwords, with some 10,000 websites infected with the code needed to take advantage of the hole in IE.

Virtually all security experts (as well as myself) are counseling users to switch to any other web browser -- none of the others are affected, including Firefox, Chrome, and Opera -- at least for the time being, though Microsoft has stubbornly said it "cannot recommend people switch due to this one flaw." Microsoft adds that it is working on a fix but has offered no ETA on when that might happen. Meanwhile it offers some suggestions for a temporary patch, including setting your Internet security zone settings to "high" and offering some complicated workarounds. (Some reports state, however, that the fixes do not actually work.)

Expedient patching or switching are essential. Security pros fear that the attack will soon spread beyond the theft of gaming passwords and into more criminal arenas, as the malicious code can be placed on any website and can be adapted to steal any password stored or entered using the browser. It's now down to the issue of time: Will Microsoft repair the problem and distribute a patch quickly enough to head off the tsunami of fraud that's about to hit or will it come too late to do any good?

Meanwhile, I'll reiterate my recommendation: Switch from Internet Explorer as soon as you can. You can always switch back once the threat is eliminated.

_________________

http://www.facebook.com/DjFOXDnB
My site where I have my latest mixes! www.DjSourceInfo.com
Back to top
View user's profile Send private message Visit poster's website
Little Bruin
Boo Boo

Joined: 07 Apr 2003
Posts: 667
Location: Pic-A-Nic Basket
BeerCheeze
*hick*


Joined: 14 Jun 2003
Posts: 9285
Location: At the Bar

PostPosted: Wed, 17 Dec 2008 00:22:07    Post Subject: Reply with quote View Single Post

Get your security news, from a real site.

http://isc.sans.org/

Dig through there for a while... then when your done sh*ting yourself, you'll realize this is but one of many "Major Flaws" in many different OS's, software, protocols, and basic computer designs.
Back to top
View user's profile Send private message
Doctor Feelgood
Arrrrghh!


Joined: 07 Apr 2003
Posts: 20349
Location: New Jersey

PostPosted: Wed, 17 Dec 2008 10:42:32    Post Subject: Reply with quote View Single Post

security snobs... Rolling Eyes

I prefer my news from all aspects of like compiled in a central location... Grin
Back to top
View user's profile Send private message Visit poster's website
FOX
I <3 Quail


Joined: 15 Nov 2004
Posts: 2074
Location: Saint Cloud, MN

PostPosted: Wed, 17 Dec 2008 12:43:04    Post Subject: Reply with quote View Single Post

everything has security issues... i was just like huh... yahoo is posting this thought i would share lol... im still going to use internet explorer yet lol. I use firefox for some things but still like my IE
_________________

http://www.facebook.com/DjFOXDnB
My site where I have my latest mixes! www.DjSourceInfo.com
Back to top
View user's profile Send private message Visit poster's website
BeerCheeze
*hick*


Joined: 14 Jun 2003
Posts: 9285
Location: At the Bar

PostPosted: Wed, 17 Dec 2008 13:16:13    Post Subject: Reply with quote View Single Post

The only reason this Yahoo is posting this is because he needs to feel like his e-security-penis is huge. And that it's IE/Microsoft.

Where was this guy when Apple took forever to patch "the" Nasty DNS vulnerability? Was he calling for people switch OS's? No. Why not? It was MUCH worse than this.

Also, not a security person I know is "Calling for people to switch browsers" any more now than they ever have (I know, I'm one of them).

This guy is nothing but a IT wanna be in my opinion. When someone like Eric Cole, Johannes Ullrich, Marcus Sachs, Dan Kaminsky, or some one like that tells you "change browsers", then I listen. People like them we're aware and commenting on this vulnerability on Dec 10th, not Dec 16th. Can you say that the cow is already out of the barn, been sent to the butcher, and being eaten in a local hamburger joint by the time he "blogs" about it.



*Yea... I realize.. slight rant. Grin
Back to top
View user's profile Send private message
knight0334
Rated XXX


Joined: 22 Aug 2003
Posts: 2234
Location: Neither Here, Nor There

PostPosted: Wed, 17 Dec 2008 16:56:51    Post Subject: Reply with quote View Single Post

All I know is: I run Firefox and have done so for a couple years, without an antivirus, anti-spy or firewall - and I haven't had a bug higher than a tracking cookie in any test checks during that time period.

That includes going to known tainted websites.

Now with Internet Exploder -I had full fledged installed programs in my system without any consent of install after browsing some websites. Anymore, I refuse to even look at someone's computer if they continue to use IE after I recommended FF.

Internet Explorer should be banned under penalty of death for complaining about any bugs, F'd systems or whatever after browsing with it. At minimum the user should have their hands cut off so that they can never use a computer again.
Back to top
View user's profile Send private message
FOX
I <3 Quail


Joined: 15 Nov 2004
Posts: 2074
Location: Saint Cloud, MN

PostPosted: Wed, 17 Dec 2008 17:02:29    Post Subject: Reply with quote View Single Post

my only complaint with ie is the time it takes for some sites to load vs ff but i still use ie for the majority of my browsing... if im looking for something i shouldnt be or going to sites i dont know i got to ff a lot of the time
_________________

http://www.facebook.com/DjFOXDnB
My site where I have my latest mixes! www.DjSourceInfo.com
Back to top
View user's profile Send private message Visit poster's website
Little Bruin
Boo Boo

Joined: 07 Apr 2003
Posts: 667
Location: Pic-A-Nic Basket
acruxksa
Doh!


Joined: 17 Oct 2003
Posts: 1051
Location: The Cradle of Storms

PostPosted: Wed, 17 Dec 2008 18:36:53    Post Subject: Reply with quote View Single Post

Jason wrote:
security snobs... Rolling Eyes

I prefer my news from all aspects of like compiled in a central location... Grin


Given Cheezies penchant for security, I'm actually surprised he even has a computer at home, much less one that's connected to the internet. Grin

It's like that at my work too, the State of Alaska still uses Win2000 and the computer services group only has ONE approved scanner that we can buy and plug into our computers, but unfortunately it's not the one procurement allows us to buy. It seems their security plan is to make everyone so pi$$ed off at their computers that they refuse to use them............the less we use them, the fewer security issues and hassles.........BRILLIANT! That's why most of us just bring our own laptops and a USB key, we actually have software we can use on our own computers Smile It's also probably why Sarah Palin resorted to using her blackberry and yahoo for e-mail.

GrinGrinGrinGrin

_________________
Back to top
View user's profile Send private message
BeerCheeze
*hick*


Joined: 14 Jun 2003
Posts: 9285
Location: At the Bar

PostPosted: Wed, 17 Dec 2008 18:48:46    Post Subject: Reply with quote View Single Post

acruxksa wrote:
That's why most of us just bring our own laptops and a USB key, we actually have software we can use on our own computers Smile It's also probably why Sarah Palin resorted to using her blackberry and yahoo for e-mail.

GrinGrinGrinGrin


This makes me scream..... Bang Head Yikes
Back to top
View user's profile Send private message
acruxksa
Doh!


Joined: 17 Oct 2003
Posts: 1051
Location: The Cradle of Storms

PostPosted: Wed, 17 Dec 2008 19:04:38    Post Subject: Reply with quote View Single Post

Dr. EvilCheeze wrote:
acruxksa wrote:
That's why most of us just bring our own laptops and a USB key, we actually have software we can use on our own computers Smile It's also probably why Sarah Palin resorted to using her blackberry and yahoo for e-mail.

GrinGrinGrinGrin


This makes me scream..... Bang Head Yikes


GrinGrinGrin I know! You should see the looks we get from CSG. We aren't allowed to connect them to the state network though (we get a nasty phone call within about 30 minutes of someone attempting it Grin ), so it's all sneaker net essentially.

In all fairness, I can understand your paranoia, a couple years ago when they first installed satellite internet on our ship it was only accessible on one computer for testing. The nitwit from the satellite provider dumped the thing right on the internet without the benefit of a firewall or NAT router of any kind. It basically had it's own internet routable IP and since the computer had an original Win2000 install and hadn't received ANY patches..........it brought the entire system to it's knees. It was quite a show really, but the computer literally picked up hundreds of trojans and virus's in a matter of a couple days, not to mention the fact that it was sending spam e-mail as fast as the 512kbps satellite link would allow.

It's a fine line you have to walk, because if security makes things cumbersome, people tend to find other less controlled ways of doing things, yet if things aren't locked down to some degree you're screwed. I don't envy you or anyone who's got the task. Wink

_________________
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    Bigbruin.com Forum Index -> Software All times are GMT - 4 Hours
Go To Page 1, 2  Next
Page 1 of 2

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum
Contact Us :: On Facebook :: On Youtube :: Newsletter :: RSS Feed :: FAQ :: Links :: Sponsors :: Privacy Policy
Copyright © 2000 - 2023 Bigbruin.com - All rights reserved