Serious flaw in Internet Explorer not fixed yet

From the Washington Post:

Serious flaw in Internet Explorer not fixed yet

SAN FRANCISCO – Users of all current versions of Microsoft Corp.'s Internet Explorer browser might be vulnerable to having their computers hijacked because of a serious security hole in the software that had yet to be fixed Monday.

The flaw lets criminals commandeer victims’ machines merely by tricking them into visiting Web sites tainted with malicious programming code. As many as 10,000 sites have been compromised since last week to exploit the browser flaw, according to antivirus software maker Trend Micro Inc.
The sites are mostly Chinese and have been serving up programs that steal passwords for computer games, which can be sold for money on the black market. However, the hole is such that it could be “adopted by more financially motivated criminals for more serious mayhem _ that’s a big fear right now,” Paul Ferguson, a Trend Micro security researcher, said Monday.
“Zero-day” vulnerabilities like this are security holes that haven’t been repaired by the software makers. They’re a gold mine for criminals because users have few ways to fight off attacks.

The latest vulnerability is noteworthy because Internet Explorer is the default browser for most of the world’s computers. Also, while Microsoft says it has detected attacks only against version 7 of Internet Explorer, which is the most widely used edition, the company warned that other versions are also potentially vulnerable.

Microsoft said it is investigating the flaw and is considering fixing it through an emergency software patch outside of its normal monthly updates, but declined further comment. The company is telling users to employ a series of complicated workarounds to minimize the threat.

This one sounds like a doozy, folks. Whatever you do, switch to another browser until they get this fixed.

My fav is Mozilla Firefox, but there is also Google Chrome (just out of beta) and Safari for Windows.

Of course, you Mac users can feel free to laugh at the rest of us.

:rotfl:
:wink:

I’m using Firefox. I love its pop-up blocker and noscript feature.

Me too, also the CustomizeGoogle extension.
I got sick of going back and forth from FF at home to IE (popups! blech!) at work so I got Firefox Portable.

Why does anybody use IE anymore when there are alternatives?

I’ve tried both Google Chrome and Firefox. I like both but my heart lies with the open source firefox.

Believe it or not, there are people who put a lot of trust in Microsoft. My mother, for example. :face-palm:

People still use IE?

http://pages.prodigy.net/rogerlori1/emoticons/lol4.gifhttp://pages.prodigy.net/rogerlori1/emoticons/lol6.gifhttp://pages.prodigy.net/rogerlori1/emoticons/laughing.gifhttp://pages.prodigy.net/indianahawkeye/newpage12/1.gifhttp://pages.prodigy.net/rogerlori1/emoticons/rofl.gifhttp://pages.prodigy.net/rogerlori1/emoticons/lol3.gif:rotfl:http://pages.prodigy.net/indianahawkeye/newpage11/9.gif

I like Internet Explorer because it’s blue :slight_smile: Plus, I don’t go on any Chinese sites.

OK, so I downloaded Firefox last night and am using that right now. One question. With IE, I was able to post a message here by pressing ALT-S on the keyboard. Now when I do that, it takes me to the History drop down menu. Does anyone know a keyboard shortcut to post a reply or will I just have to use the mouse and click from now on? I love keyboard shortcuts so I really hope there is one!

For all those that are pro-Firefox…how do you get YouTube to work?

What problem are you having?
I just go you Youtube (not that often) and click on whatever. Check and see if you have javascript enabled under Tools/Options/Content.

Btw, if you go to the search box in the upper right you can add YouTube to your search engines.

The problem I have is that it says JavaScript is not enabled. It works fine when I log in via Yahoo! AT&T. I’ll check that under Firefox, though. Thanks. :slight_smile:

Edit: Just checked, all systems go. Still not working.

We just got a notice at work that a patch is being pushed out tomorrow morning. Do not know if it is related to this.

I have not had a problem with Internet Explorer 7. I’m posting because there is now an Explorer 8. So far, it installed and is working very well. There is a symbol of a broken page that appears right of the address bar, and clicking on that will correct the viewing of pages, and it has appeard for CNA, but not needed by me. Also, I can have web slices. It actually has a lot of security, for I see a in “private browsing window” button on the “new tab” page. The “serious flaw” was likely fixed by Microsoft, and I remember that it was. There was a website problem that was specifically the website’s … checkfree. I had an email about it.

Do tell. :smiley:

Researcher hacks just-launched IE8Cracks Microsoft’s new browser hours before release; also hacks Safari, Firefox

Hey, dude, nobody loves a showoff. Otoh, I bet Mozilla has a fix for FF out withing 48 hours – Microsoft, who knows?

And for you Apple-olators:

** Researcher cracks Mac in 10 seconds **

                        **                               [Security researcher Charlie Miller won CanSecWest's PWN2OWN hacking contest for the second straight year, improving his time                                  and winning a $5,000 cash prize                                ]("http://www.infoworld.com/article/09/03/19/Researcher_cracks_Mac_in_10_seconds_1.html")                            **

Hey, dude, nobody loves a showoff. Otoh, I bet Mozilla has a fix for FF out withing 48 hours – Microsoft, who knows?

I’m not a dude.

I found the story about the prize winning hacker of IE8. Thanks.

Also found the story about IE8 being the slowest.

New features: I’m typing this in the “inprivate” mode. Also, your link didn’t work, so I highlighted some of the words that were not touching, and searched easily with a click on the green button which appears.

There *is *an update, I think, with respect to its dynamic installer compatibility.

The “Hey, dude” comment was intended for the guy cracking all the browsers :wink:
Sorry about the links, I did the usual “insert link” thing. What’s “inprivate”, like Chrome’s stealth mode?

I have been a big fan of Microsoft’s since 3.1. Currently using IE8, and their OneCare service. I have never had a virus or software problem. Something about trusting an opensource program like firefox that makes me trust IE8 just a tad more.

Would you be willing to explain this a bit more? I don’t understand what you mean. Are you suggesting that an open source application, such as Firefox, would incorporate viruses or other malware?

DISCLAIMER: The views and opinions expressed in these forums do not necessarily reflect those of Catholic Answers. For official apologetics resources please visit www.catholic.com.