| View previous topic :: View next topic |
| Author |
Message |
FOX
I <3 Quail
Joined: 15 Nov 2004
Posts: 2074
Location: Saint Cloud, MN
|
 Posted: Wed, 17 Dec 2008 00:06:01 Post Subject: "Major flaw revealed in Internet Explorer...." |
  |
|
anyone else see this?
http://tech.yahoo.com/blogs/null/111811
| Quote: |
"Major flaw revealed in Internet Explorer; users urged to switch"
The major press outlets are abuzz this morning with news of a major new security flaw that affects all versions of Internet Explorer from IE5 to the latest beta of IE8. The attack has serious and far-reaching ramifications -- and they're not just theoretical attacks. In fact, the flaw is already in wide use as a tool to steal online game passwords, with some 10,000 websites infected with the code needed to take advantage of the hole in IE.
Virtually all security experts (as well as myself) are counseling users to switch to any other web browser -- none of the others are affected, including Firefox, Chrome, and Opera -- at least for the time being, though Microsoft has stubbornly said it "cannot recommend people switch due to this one flaw." Microsoft adds that it is working on a fix but has offered no ETA on when that might happen. Meanwhile it offers some suggestions for a temporary patch, including setting your Internet security zone settings to "high" and offering some complicated workarounds. (Some reports state, however, that the fixes do not actually work.)
Expedient patching or switching are essential. Security pros fear that the attack will soon spread beyond the theft of gaming passwords and into more criminal arenas, as the malicious code can be placed on any website and can be adapted to steal any password stored or entered using the browser. It's now down to the issue of time: Will Microsoft repair the problem and distribute a patch quickly enough to head off the tsunami of fraud that's about to hit or will it come too late to do any good?
Meanwhile, I'll reiterate my recommendation: Switch from Internet Explorer as soon as you can. You can always switch back once the threat is eliminated. |
_________________
http://www.facebook.com/DjFOXDnB
My site where I have my latest mixes! www.DjSourceInfo.com |
|
| Back to top |
|
 |
Little Bruin
Boo Boo
Joined: 07 Apr 2003
Posts: 667
Location: Pic-A-Nic Basket |
|
|
BeerCheeze
*hick*
Joined: 14 Jun 2003
Posts: 9285
Location: At the Bar
|
| Posted: Wed, 17 Dec 2008 00:22:07 Post Subject: |
|
|
Get your security news, from a real site.
http://isc.sans.org/
Dig through there for a while... then when your done sh*ting yourself, you'll realize this is but one of many "Major Flaws" in many different OS's, software, protocols, and basic computer designs. |
|
| Back to top |
|
|
Doctor Feelgood
Arrrrghh!
Joined: 07 Apr 2003
Posts: 20349
Location: New Jersey
|
| Posted: Wed, 17 Dec 2008 10:42:32 Post Subject: |
|
|
security snobs... 
I prefer my news from all aspects of like compiled in a central location...  |
|
| Back to top |
|
|
FOX
I <3 Quail
Joined: 15 Nov 2004
Posts: 2074
Location: Saint Cloud, MN
|
| Posted: Wed, 17 Dec 2008 12:43:04 Post Subject: |
|
|
everything has security issues... i was just like huh... yahoo is posting this thought i would share lol... im still going to use internet explorer yet lol. I use firefox for some things but still like my IE
_________________
http://www.facebook.com/DjFOXDnB
My site where I have my latest mixes! www.DjSourceInfo.com |
|
| Back to top |
|
|
BeerCheeze
*hick*
Joined: 14 Jun 2003
Posts: 9285
Location: At the Bar
|
| Posted: Wed, 17 Dec 2008 13:16:13 Post Subject: |
|
|
The only reason this Yahoo is posting this is because he needs to feel like his e-security-penis is huge. And that it's IE/Microsoft.
Where was this guy when Apple took forever to patch "the" Nasty DNS vulnerability? Was he calling for people switch OS's? No. Why not? It was MUCH worse than this.
Also, not a security person I know is "Calling for people to switch browsers" any more now than they ever have (I know, I'm one of them).
This guy is nothing but a IT wanna be in my opinion. When someone like Eric Cole, Johannes Ullrich, Marcus Sachs, Dan Kaminsky, or some one like that tells you "change browsers", then I listen. People like them we're aware and commenting on this vulnerability on Dec 10th, not Dec 16th. Can you say that the cow is already out of the barn, been sent to the butcher, and being eaten in a local hamburger joint by the time he "blogs" about it.
*Yea... I realize.. slight rant. |
|
| Back to top |
|
|
knight0334
Rated XXX
Joined: 22 Aug 2003
Posts: 2234
Location: Neither Here, Nor There
|
|
| Back to top |
|
|
FOX
I <3 Quail
Joined: 15 Nov 2004
Posts: 2074
Location: Saint Cloud, MN
|
| Posted: Wed, 17 Dec 2008 17:02:29 Post Subject: |
|
|
my only complaint with ie is the time it takes for some sites to load vs ff but i still use ie for the majority of my browsing... if im looking for something i shouldnt be or going to sites i dont know i got to ff a lot of the time
_________________
http://www.facebook.com/DjFOXDnB
My site where I have my latest mixes! www.DjSourceInfo.com |
|
| Back to top |
|
|
Little Bruin
Boo Boo
Joined: 07 Apr 2003
Posts: 667
Location: Pic-A-Nic Basket |
|
|
acruxksa
Doh!
Joined: 17 Oct 2003
Posts: 1051
Location: The Cradle of Storms
|
| Posted: Wed, 17 Dec 2008 18:36:53 Post Subject: |
|
|
| Jason wrote: | security snobs...
I prefer my news from all aspects of like compiled in a central location... |
Given Cheezies penchant for security, I'm actually surprised he even has a computer at home, much less one that's connected to the internet.
It's like that at my work too, the State of Alaska still uses Win2000 and the computer services group only has ONE approved scanner that we can buy and plug into our computers, but unfortunately it's not the one procurement allows us to buy. It seems their security plan is to make everyone so pi$$ed off at their computers that they refuse to use them............the less we use them, the fewer security issues and hassles.........BRILLIANT! That's why most of us just bring our own laptops and a USB key, we actually have software we can use on our own computers  It's also probably why Sarah Palin resorted to using her blackberry and yahoo for e-mail.
_________________
 |
|
| Back to top |
|
|
BeerCheeze
*hick*
Joined: 14 Jun 2003
Posts: 9285
Location: At the Bar
|
| Posted: Wed, 17 Dec 2008 18:48:46 Post Subject: |
|
|
| acruxksa wrote: | That's why most of us just bring our own laptops and a USB key, we actually have software we can use on our own computers It's also probably why Sarah Palin resorted to using her blackberry and yahoo for e-mail.
|
This makes me scream.....   |
|
| Back to top |
|
|
acruxksa
Doh!
Joined: 17 Oct 2003
Posts: 1051
Location: The Cradle of Storms
|
| Posted: Wed, 17 Dec 2008 19:04:38 Post Subject: |
|
|
| Dr. EvilCheeze wrote: | | acruxksa wrote: | That's why most of us just bring our own laptops and a USB key, we actually have software we can use on our own computers It's also probably why Sarah Palin resorted to using her blackberry and yahoo for e-mail.
|
This makes me scream..... |
I know! You should see the looks we get from CSG. We aren't allowed to connect them to the state network though (we get a nasty phone call within about 30 minutes of someone attempting it ), so it's all sneaker net essentially.
In all fairness, I can understand your paranoia, a couple years ago when they first installed satellite internet on our ship it was only accessible on one computer for testing. The nitwit from the satellite provider dumped the thing right on the internet without the benefit of a firewall or NAT router of any kind. It basically had it's own internet routable IP and since the computer had an original Win2000 install and hadn't received ANY patches..........it brought the entire system to it's knees. It was quite a show really, but the computer literally picked up hundreds of trojans and virus's in a matter of a couple days, not to mention the fact that it was sending spam e-mail as fast as the 512kbps satellite link would allow.
It's a fine line you have to walk, because if security makes things cumbersome, people tend to find other less controlled ways of doing things, yet if things aren't locked down to some degree you're screwed. I don't envy you or anyone who's got the task. 
_________________
|
|
| Back to top |
|
|
|
