PSA: Catastrophic IE security flaw!

[Deleted member 4644]

http://www.theinquirer.net/?article=27850

http://news.zdnet.com/2100-1009_22-5965247.html

Visiting a web page can launch an .exe on your comptuer with this new flaw! SP2 vuln.

 

[ribbon13]

Sweet. I can't wait to use this to run "Firefox Setup 1.0.7.exe" on peoples computers.

 

[SilverTorch]

The exploit doesn't work ...

 

[acemcmac]

WOW

 

[acemcmac]

Originally posted by: SilverTorch
The exploit doesn't work ...

you load it into a PHP enabled apache server and actually try to EXECUTE it instead of read it

:roll::roll::roll::roll::roll::roll::roll::roll::roll::roll::roll::roll::roll:

 

[TallBill]

Well 15 h4x0rs cant control 400 million pcs at once.

 

[NikPreviousAcct]

Wow, good thing I don't use IE.

 

[acemcmac]

Originally posted by: Nik
Wow, good thing I don't use IE.

qft

I was a late convert myself, but I still know some people in the office who use it

 

[Deleted member 4644]

Maybe we need a sticky on this.

 

[AznMaverick]

Pretty scarey

 

[Zugzwang152]

The Firefox fanboys will be saying the same things IE users are now one day: if you hold a significant market share, you WILL be targeted by malware. Firefox has started to have quite a few security flaws itself, and more "catastrophic" flaws will be revealed as it gains in popularity. You fanboys should try and keep perspective instead of running around with the "sky is falling" attitude.

 

[Kadarin]

Originally posted by: Zugzwang152
The Firefox fanboys will be saying the same things IE users are now one day: if you hold a significant market share, you WILL be targeted by malware. Firefox has started to have quite a few security flaws itself, and more "catastrophic" flaws will be revealed as it gains in popularity. You fanboys should try and keep perspective instead of running around with the "sky is falling" attitude.

It would be interesting to compare not only the number of security vulnerabilities, but also the type. For example, how many actually let you run .exe files...

 

[Zugzwang152]

Originally posted by: Astaroth33

Originally posted by: Zugzwang152
The Firefox fanboys will be saying the same things IE users are now one day: if you hold a significant market share, you WILL be targeted by malware. Firefox has started to have quite a few security flaws itself, and more "catastrophic" flaws will be revealed as it gains in popularity. You fanboys should try and keep perspective instead of running around with the "sky is falling" attitude.

It would be interesting to compare not only the number of security vulnerabilities, but also the type. For example, how many actually let you run .exe files...

I'm not trying to downplay this flaw, merely saying that equivalent flaws will appear in competing browsers given time and enough market share gain.

 

[Exsomnis]

It doesn't work on Firefox browsers and some pundits are suggesting moving over to the open sauce browser until IE is fixed.

God I hate The Inquirer, when are they going to hire someone who can spell?

 

[xcript]

Uh-oh, Spaghettios.

 

[klah]

Originally posted by: Zugzwang152
The Firefox fanboys will be saying the same things IE users are now one day: if you hold a significant market share, you WILL be targeted by malware. Firefox has started to have quite a few security flaws itself, and more "catastrophic" flaws will be revealed as it gains in popularity. You fanboys should try and keep perspective instead of running around with the "sky is falling" attitude.

http://news.netcraft.com/archives/web_server_survey.html
Apache: 71%

Now we know why we never see any IIS exploits. :roll:

Originally posted by: Exsomnis

It doesn't work on Firefox browsers and some pundits are suggesting moving over to the open sauce browser until IE is fixed.

God I hate The Inquirer, when are they going to hire someone who can spell?

You do realize that they create these terms and purposely use them on a regular basis, i.e. 'marchitecture', 'dramurai, etc.

The INQUIRER guide to INQUIRER jargon

 

[Miramonti]

And I was just looking for a quick way to launch the calculator too.

 

[DivideBYZero]

Originally posted by: klah

Originally posted by: Zugzwang152
The Firefox fanboys will be saying the same things IE users are now one day: if you hold a significant market share, you WILL be targeted by malware. Firefox has started to have quite a few security flaws itself, and more "catastrophic" flaws will be revealed as it gains in popularity. You fanboys should try and keep perspective instead of running around with the "sky is falling" attitude.

http://news.netcraft.com/archives/web_server_survey.html
Apache: 71%

Now we know why we never see any IIS exploits. :roll:

Originally posted by: Exsomnis

It doesn't work on Firefox browsers and some pundits are suggesting moving over to the open sauce browser until IE is fixed.

God I hate The Inquirer, when are they going to hire someone who can spell?

You do realize that they create these terms and purposely use them on a regular basis, i.e. 'marchitecture', 'dramurai, etc.

The INQUIRER guide to INQUIRER jargon

Really? Can you find 'Open Sauce'? Will you just admit that some of the people they employ are as dumb as half a rock?

 

[PokerGuy]

Yipes... I'm sure this will hit a lot of PC's unless a patch is rolled out quickly. We all know it's not too difficult to get a clueless user to click a link. Especially this time of year, when people are sending around links to 'fun' flash games about elves etc. All it takes is one of those 'funny' clips or flashes for folks to link to, and in the background the site installs a trojan etc.

Now why do people use IE again?

 

[AnonymouseUser]

Originally posted by: PokerGuy
Now why do people use IE again?

Since it was bundled with the OS that was installed on their computer it must be the best software available.

 

[Calin]

Originally posted by: Zugzwang152
The Firefox fanboys will be saying the same things IE users are now one day: if you hold a significant market share, you WILL be targeted by malware. Firefox has started to have quite a few security flaws itself, and more "catastrophic" flaws will be revealed as it gains in popularity. You fanboys should try and keep perspective instead of running around with the "sky is falling" attitude.

You are speculating - more "catastrophic" flaws could appear or could not appear, and the response to them could be faster or slower, the code to profit from them could appear earlier or later, the speed of propagation could be faster or slower.
I would say I am safe with Firefox for a good time ahead

 

[Calin]

The same reason almost everyone who buy a car uses the radio/cd-player/tape unit that shipped with the car - it is good enough, any alternative is costly (at least in terms of search time), there are no replacements (big ads and market recognition will tend to solve that problem)
While you could stay in your car and know which of the hydraulic lifters of a V6 DOHC engine is bad (there should be at least 24 lifters),
there are some people that won't recognize a virus/malware even if it will hit him with advertisements all day long