View Full Version here: : New vulnerability in IE7, 8 & 9
GeoffW1
18-09-2012, 05:56 PM
Hi,
Geez, is there no end to it? A new hole in IE and Windows, and what you should do..............
http://www.smh.com.au/it-pro/security-it/microsoft--urges-computer-users-to-install-security-tool-20120918-263vv.html
Cheers
mithrandir
18-09-2012, 06:55 PM
See also Codeproject's "Critical zero-day bug in Internet Explorer under active attack (http://www.codeproject.com/News.aspx?ntag=19837497389724691&_z=2234420)" which links to Ars Technica.
There will probably be CERT and SANS links soon.
Larryp
18-09-2012, 07:10 PM
The story goes that IE10 is not affected-will IE10 run on 64 bit Widows 7?
multiweb
18-09-2012, 07:33 PM
No I think it'll run only on Win8. There are two versions of IE9 on win7, 32 and 64bit.
Larryp
18-09-2012, 07:39 PM
Does this bug affect both 32 bit and 64 bit IE9?
multiweb
18-09-2012, 07:41 PM
Yeah I'd say so. The main problem is that alot of windows apps use IE indirectly so the flood gates are open whether you use your browser or not. Even sandboxing wouldn't work. MS have some work to do and fast.
Barrykgerdes
19-09-2012, 08:50 AM
Windows programs have more holes in them than a sieve. They would not work without the access they provide for normal operation. If you want security don't use the internet, or even better don't use a computer if security is important.
Barry
Colin_Fraser
19-09-2012, 02:50 PM
I often wondered whether the security holes are intentional and are only revealed when someone raises the alarm.
Now I think not. Microsoft are not smart enough to write their own code.
IE is made up of scores of modules stolen from others and Microsoft have, since 1995, made a dog's breakfast trying to put these modules together.
mithrandir
19-09-2012, 06:16 PM
Here (http://www.us-cert.gov/cas/techalerts/TA12-262A.html)'s the CERT advisory. There's an entry in this morning's issue of SANS NewsBites too. I can't post that (not permitted), but they reference:
arstechnica (http://arstechnica.com/security/2012/09/critical-zero-day-bug-in-microsoft-internet-explorer/)
computerworld (http://www.computerworld.com/s/article/9231367/Hackers_exploit_new_IE_zero_day_vul nerability?taxonomyId=85)
krebsonsecurity (http://krebsonsecurity.com/2012/09/exploit-released-for-zero-day-in-internet-explorer/)
troypiggo
19-09-2012, 07:01 PM
You use Windows/IE, you roll the dice :D
Barrykgerdes
20-09-2012, 08:13 AM
I use IE8 and Firefox
With IE8 I am asked to load Adobe flash at least 3 times per week to see most video.
With Fire fox I can watch the same programs without the request.
Barry
GeoffW1
20-09-2012, 02:07 PM
Hi,
More on this
http://windowssecrets.com/newsletter/a-cheap-effective-home-server-using-windows-8/#story2
Cheers
vBulletin® v3.8.7, Copyright ©2000-2024, vBulletin Solutions, Inc.