Sign in / up

back to article Microsoft scrambles to thwart new Internet Explorer 0-day attack

Microsoft has pushed out a temporary fix to defend against a zero-day vulnerability that surfaced in attacks launched last week. The security flaw (CVE-2012-4792) - which affects IE 6, 7 and 8 but not the latest versions of Microsoft's web browser software - allows malware to be dropped onto Windows PCs running the vulnerable …

COMMENTS

House rules Send corrections
This topic is closed for new posts.
  1. Destroy All Monsters Silver badge
    Windows

    > allows malware to be dropped onto Windows PCs running the vulnerable software

    Sure it isn't simply a TIFKAM install?

    3 1
    1. LarsG
      Reply Icon
      Meh

      Temporary fix notice from Microsoft = DON'T USE IT!

      1 2
      1. dogged
        Reply Icon
        Meh

        I think you'll find that's a Debian temporary notice.

        I've had quite a collection of those over the last eight years or so. MS usually give you something rather than rely on "hey, it was free, you can fucking wait".

        4 10
  2. Titus Aduxass
    Thumb Down

    IE6 / 7

    Surely no-one uses Internet Explorer 6 or 7 these days. Surely!

    Ah... except the company which *I* work for still does.

    2 0
    1. Crisp
      Reply Icon
      Boffin

      Re: IE6 / 7

      People using decades old technology! Grrr!

      They are the bane of my existence. Upgrade you Luddites!

      1 1
      1. I think so I am?
        Reply Icon
        Meh

        Re: IE6 / 7

        decades old software that works better than new and would cost millions to replace.

        Analysis of risk vs cost = why I'm employed

        Talk about bane of my existence = f*cking legacy Java apps

        0 0
  3. adam payne

    Another one of these bugs that been around for years and never found.

    0 0
  4. mrweekender
    WTF?

    Erm...

    ...given it's previous sterling security history who still uses Internet Explorer, irrespective of the version? Oh wait, it's those companies/governments who were fucked over with their "bespoke" [read: oh shit my eggs are all in one non standards compliant basket] applications.

    On another (kind of related) note, I can't wait to ditch Windows for gaming. Come on Mr Newell, get your bloody finger out!

    0 0
    1. Gerhard Mack
      Reply Icon
      Go

      Re: Erm...

      >On another (kind of related) note, I can't wait to ditch Windows for gaming. Come on Mr Newell, get your >bloody finger out!

      Steam for Linux is in open beta with Team Fortress 2 available for download.

      0 0
      1. mrweekender
        Reply Icon

        Re: Erm...

        Yeah, Team Fortress is good but it's a little old. I realise small steps are required but I would like to see some AAA titles (like Dishonoured) and while I also realise this is down to the game devs themselves, I just hope that Valve are pushing it hard. Personally, I don't want to be forced to use Microsoft products, any longer.

        0 0
    2. Canecutter
      Reply Icon
      Coat

      Re: Erm...

      I spoke with some of the guys I work with.

      They list their only use for Microsoft Explorer outside of company mandated usage is to act as an initial tool for downloading a copy of Chrome, Mozilla or Opera.

      What a thing!

      1 0
  5. Sporkinum

    Corporate slowness

    They are just starting to role out Windows 7 where I work. That will be with IE8. They are usually behind loading patches, and most likely won't update IE8 to IE9 anytime soon.

    1 1
    1. Anonymous Coward
      Reply Icon
      Anonymous Coward

      Re: Corporate slowness

      Ditto here, only government.

      There are critical financial apps which "haven't been tested for compatibility with IE9 or above" and therefore no one wants to jump into an upgrade to the non-vulnerable versions of IE. And of course since IE9 isn't standard on the boxes, the finance apps devs don't want to waste time testing to a version that isn't used. Grrr!!!!!!

      0 0
  6. nuked

    IIRC you can't use any IE version above 8 on XP so best just sit tight if you're one of the many thousands of companies still using it until another stable version hits the shelves.

    0 0
  7. Herby

    I'm shocked!!

    I'm very shocked. There is a vulnerability in IE? And it existed back to IE6?

    Shocked, I say, shocked!

    Of course there are people who insist on wanting IE for all the wrong reasons, and having just talked to a business owner who must use it, a (drum roll) payroll program. Go figure.

    He also does stats on what type of browser is used for his web site, and (drum roll) IE wins again. So, yes users ARE stupid!

    0 0
    1. Ole Juul
      Reply Icon
      Coat

      Re: I'm shocked!!

      Being a bit of a conservative type, I don't really play around with Microsoft much. However, it certainly sounds like IE can be very exciting, and that does have a certain appeal.

      0 0
  8. david 12 Silver badge

    Another Flash exploit.

    I run a number of different browsers, but apperently this doesn't effect me because I use IE with EMET.

    However, I see that it also doesn't effect me because, on work computers, I do not have Flash installed. Is there a current (zero day) exploit using something other than Flash to exploit this bug?

    0 0
This topic is closed for new posts.

Other stories you might like