> allows malware to be dropped onto Windows PCs running the vulnerable software
Sure it isn't simply a TIFKAM install?
Microsoft has pushed out a temporary fix to defend against a zero-day vulnerability that surfaced in attacks launched last week. The security flaw (CVE-2012-4792) - which affects IE 6, 7 and 8 but not the latest versions of Microsoft's web browser software - allows malware to be dropped onto Windows PCs running the vulnerable …
This post has been deleted by a moderator
You sometimes wait but usually no more than a month at the very latest.
FOSS has the issue that a volunteer fixes the issue and you can't really complain about delays, whereas Apple simple deny that any problem exists.
These are the Reg forums, I can swear all I like. And I wasn't trolling; I've kept Debian boxes as webservers of choice for years.
There's nothing to report you for here. However, I believe I'm totally within the House Rules in calling you an unbearable little prick.
...given it's previous sterling security history who still uses Internet Explorer, irrespective of the version? Oh wait, it's those companies/governments who were fucked over with their "bespoke" [read: oh shit my eggs are all in one non standards compliant basket] applications.
On another (kind of related) note, I can't wait to ditch Windows for gaming. Come on Mr Newell, get your bloody finger out!
Yeah, Team Fortress is good but it's a little old. I realise small steps are required but I would like to see some AAA titles (like Dishonoured) and while I also realise this is down to the game devs themselves, I just hope that Valve are pushing it hard. Personally, I don't want to be forced to use Microsoft products, any longer.
This post has been deleted by a moderator
quote: "As I say to my friends, when surfing the net, stick to Firefox, chrome or even opera. IE should be banned as it is little more than a background malware installer with dodgy W3C compliance."
I understand what you are trying to say, however when most of the world use "Firefox, chrome or even opera", then malware will be actively targeting zero-days for Firefox, chrome or even opera, instead of IE.
You can get the Flash plugin for Firefox. Youtube wants users to install Flash when viewed in Firefox. Hello there, malware vector for Firefox, since most users will "just want to look at Youtube and Facebook" and therefore even have NoScript (assuming it's installed at all, since it does not install by default with Firefox) set to allow all on those sites.
You need to include user education in with a swap to an alternate browser, otherwise you're just delaying the malware inevitable :'(
>I understand what you are trying to say, however when most of the world use "Firefox, chrome or even opera", then malware will be actively targeting zero-days for Firefox, chrome or even opera, instead of IE.
Wow somebody has been living in a hole for the last several years. IE's days of even being the majority browser are long behind it. Noobs and even grandma have gotten the memo. And yes baddies do target the other browsers (with Chrome exploits being especially valuable) but since they largely by default were built for security instead of eliminating rivals so they worry less about things like ActiveX exploits or having unnecessary privileged access to the OS itself.
Ditto here, only government.
There are critical financial apps which "haven't been tested for compatibility with IE9 or above" and therefore no one wants to jump into an upgrade to the non-vulnerable versions of IE. And of course since IE9 isn't standard on the boxes, the finance apps devs don't want to waste time testing to a version that isn't used. Grrr!!!!!!
I'm very shocked. There is a vulnerability in IE? And it existed back to IE6?
Shocked, I say, shocked!
Of course there are people who insist on wanting IE for all the wrong reasons, and having just talked to a business owner who must use it, a (drum roll) payroll program. Go figure.
He also does stats on what type of browser is used for his web site, and (drum roll) IE wins again. So, yes users ARE stupid!
I run a number of different browsers, but apperently this doesn't effect me because I use IE with EMET.
However, I see that it also doesn't effect me because, on work computers, I do not have Flash installed. Is there a current (zero day) exploit using something other than Flash to exploit this bug?
Biting the hand that feeds IT © 1998–2021