PDA

View Full Version : ie flawed? surely not


edbr
12-17-2008, 04:03 AM
on yahoo in case you missed it

The major press outlets are abuzz this morning with news of a major new security flaw that affects all versions of Internet Explorer (http://news.bbc.co.uk/2/hi/technology/7784908.stm)from IE5 to the latest beta of IE8. The attack has serious and far-reaching ramifications -- and they're not just theoretical attacks. In fact, the flaw is already in wide use as a tool to steal online game passwords, with some 10,000 websites infected with the code needed to take advantage of the hole in IE.Virtually all security experts (as well as myself) are counseling users to switch to any other web browser -- none of the others are affected, including Firefox, Chrome, and Opera -- at least for the time being, though Microsoft has stubbornly said it "cannot recommend people switch due to this one flaw." Microsoft adds that it is working on a fix but has offered no ETA on when that might happen. Meanwhile it offers some suggestions for a temporary patch, including setting your Internet security zone settings to "high" and offering some complicated workarounds (http://www.microsoft.com/technet/security/advisory/961051.mspx). (Some reports state, however, that the fixes do not actually work (http://voices.washingtonpost.com/securityfix/2008/12/microsoft_big_security_hole_in.html).)

Corrosive
12-17-2008, 07:20 AM
at least for the time being, though Microsoft has stubbornly said it "cannot recommend people switch due to this one flaw."

Saw this on the Beeb website yesterday. How can MS not recommend switching browsers to keep users safe? I thought they were the 'champions of online security'? It seems until the problem stems from their software and then they sidestep the issue.

edbr
12-17-2008, 07:48 AM
ah but they do it so gracefully , dont they? like Dancing with the Geeks

domedia
12-17-2008, 02:33 PM
No more testing for IE.. at least for now ;)

coloeagle
12-17-2008, 03:07 PM
Well MS says they will release a patch through normal updates today.
http://www.pcpro.co.uk/news/243393/microsoft-pushes-emergency-patch-for-internet-explorer.html