back to article It's Friday, the weekend has landed... and Microsoft warns of an Internet Explorer zero day exploited in the wild

Welcome to another Reg roundup of security news. Still using Internet Explorer? Don't. There's another zero-day Microsoft let slip on Friday an advisory detailing an under-attack zero-day vulnerability (CVE-2020-0674) for Internet Explorer. The scripting engine flaw can be exploited to gain remote code execution on a …

  1. richardcox13

    Unless you're an enterprise still requiring IE for various apps, you should really consider moving off Exploder at this point.

    Corrected version: whatever organisation you are you should have considered moving off IE already and executed the plan to do so.

    1. rmason

      Honestly it doesn't really matter that much.

      Yes, you can remove the internet explorer" windows feature".

      this removes the browser. It doesn't remove the engine. Lots of internal windows stuff will carry on calling, and using IE to do "stuff". Anything that calls mshtml.dll, for e.g. will use IE. Old sharepoinjt stuff will. Certain interactions from your other "safe" browsers with explorer.exe act in such a way that the IE engine is used (etc etc etc)

      So while it partially helps, it's really no solution. We need a patch still.

      The "workaround" MS are advising here is the *exact same one* they put forward for the last one or two IE related CVEs, so anyone who hasn't done that already, just isn't looking / caring.

  2. amanfromMars 1 Silver badge

    What's new?

    The scripting engine flaw can be exploited to gain remote code execution on a vulnerable machine by way of a specially crafted webpage.

    Is that not exactly the same way the news and media is employed to capture the hearts and minds of vulnerable humans via their daily broadbandcasts/propagandising 0days?

    After all, how else are you to be easily and sublimely trained to believe what certain others are determined and require you to believe so that they can continue to exclusively expand and further exploit the privileges they are provided with?

    Such is just the way everything is made to work extremely well for a relative few nowadays. It is usual and not at all abnormal even if it is more than a little disturbing and catastrophically prone to all manner of instant attack/built up pressure.

    1. Anonymous Coward
      Anonymous Coward

      Re: W... ...w?

      "...Such is... ...pressure" - so little has been typed, amanfromMars, and so much has been explained

      1. amanfromMars 1 Silver badge
        Mushroom

        Re: Re: W... ...w?

        "...Such is... ...pressure" - so little has been typed, amanfromMars, and so much has been explained .... Anonymous Coward

        And what is one to make of the stunning silence of the masses and El Regers on such a matter as leads them in ways in which they have no command and control/say and reward, AC?

        Is it a lack of an application of intelligence delivering a mental block on the obviousness of it all and a fine accompaniment for a brace of earlier thoughts attributed to Mark Twain ..... “It’s easier to fool people than to convince them that they have been fooled.” ...... and an Edward Bernays ...... The conscious and intelligent manipulation of the organized habits and opinions of the masses is an important element in democratic society. Those who manipulate this unseen mechanism of society constitute an invisible government which is the true ruling power of our country. We are governed, our minds are molded, our tastes formed, our ideas suggested, largely by men we have never heard of. ..... and/or are more than just a few humans just simply easily retarded for contiguous abuse?

        I wonder if media are wary of being terrified and terrorised by being rightly held responsible and accountable for the decidedly and designedly destructive tales that they spin?

        1. amanfromMars 1 Silver badge

          WTF ..... SNAFU but not FUBAR

          Is this a case of Lord Hall jumping ship to try and avoid current responsibility and future accountability while he still can for the dire straits of many nations? ..... https://www.express.co.uk/news/uk/1230768/BBC-news-tony-hall-resigns-director-general-BBC-licence-fees-pay

          Don't let the door hit you on the way out, M'Lud. A square peg in a round hole is never ever going to be a prime fit for swamp conditions.

    2. IGotOut Silver badge

      Re: What's new?

      Quick The Reg has been hacked!

      Amanfrommars almost made sense!

    3. anonymous boring coward Silver badge

      Re: What's new?

      "Is that not exactly the same way..."

      Well, no, not exactly.

  3. Version 1.0 Silver badge
    Alert

    State Of The Art

    This is just normal everyday life - I watch our mail-server incoming scanner every day and I've seen an uptick in malware arriving recently with about 50% sailing through the AV software only to be caught by my filters. We're seeing more and more large scale infections in local government IT too which is not a surprise given that so many email attachments sail through the anti-virus checks. A lot of the infected emails are well targeted, I suspect that the malware community, or some government somewhere, is using AI to generate them.

    1. Truth4u

      clamav is pretty poor

      I finally uninstalled it having realised it never once caught anything, not even the eicar file in my tests. In actuality clamav uses large amounts of RAM and doesn't offer any protection.

  4. mark l 2 Silver badge

    I have said it before and I will repeat it, IE has no business being allowed out on the open internet in 2020. Internet explorer should not be preinstalled on any new versions of Windows. You should have to download and manually install it and it should be set to only allowed to access whitelisted sites.

    Anyone not following that rule deserves what they will get when their machine get p0rned.

    1. IGotOut Silver badge
      Coat

      How do I get my machine p0rned? Sounds great, if not a little messy..

    2. rmason

      Still leaves the IE engine on all machines and dozen / hundreds of ways that windows it'self uses it to run / interact with things.

      This does not make you safe, simply a *bit* safer than having IE the browser installed.

  5. Anonymous Coward
    Anonymous Coward

    Are the Russians coming?

    Regarding the Georgia election server hack...

    The Republican Party candidate has won the gubernatorial race since 2002.

    The Democrats have come closer to winning in recent elections.

    If the Russians did adjust the vote count in the last two elections, one could argue that it was in support of the Democratic candidate.

    Based on what I've read, we're never going to know one way or the other what was done or not done in terms of vote count manipulation.

    If the Russians (i.e. ultimately the government) are responsible, then it demonstrates the following:

    1. The ability to kick American ass.

    2. The ability to sow dissension and create a sense that one's vote is a failed endeavor.

    Do we know if the Russians really did it?

    The election server was housed at a college. Was it using the college's IP range?

    Hacker(s) use automated attacks and those attacks are sent against IP address(es)/ranges.

    Without additional info, it's not impossible that the hacker(s) realized that the attack had compromised an election server and then ran for the exit.

  6. Dabooka

    It amazes me it's still so popular, but then again...

    Right, it's crap. We know this. Yet for some reason it is still used out of the box.t.

    Where I work we're now all on Win 10 and 365, generally locked down but you can add Chrome and Firefox. This means that with Edge and IE we have four browsers to choose from.

    Only IE and Edge are installed by default, and most don't even know how / why they would install the other options. I know this to be a fact as a large percentage of the people work with struggle to get certain web based systems to function or even display on IE (easy fix, use any one of the others). Yet guess what the default browser is set to? Guess what option Admin has stopped us (as users) changing?

    So even when there is a newer offer by default, the system still reverts to IE. Which is broken and crap. And to help with this we can download others, but they won;t change the default (or can;t?)

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2020