Jump to content

New IE Security Flaw Called 'extremely Critical'


Recommended Posts

Posted

Danish security company Secunia has upgraded a security warning on a flaw in Internet Explorer 6.0, to "extremely critical".

The flaw allows malicious code to be loaded onto the machines of Windows XP users, even though they may have installed the XP Service Pack 2 security software.

It opens a machine to hackers even though a user has not completed any action - they simply have to visit a web page containing the rogue code.

Nathan Mercer, technology specialist at Microsoft New Zealand, confirmed that three patches will be released tomorrow morning, NZ time. However, Mercer was unable to say whether the patches cover the Internet Explorer-related issues reported by Secunia.

Check if your computer is vulnerable here:

Secunia has constructed a test, which can be used to check if your browser is affected by this issue:

http://secunia.com/internet_explorer_comma...erability_test/

Posted

hi' :D

I'm not, both Firefox 1.0 and Netscape 7.2 simply don't react to the click.

javascript.start(): ... :D

feeling good :o

francois

Posted
hi'  :D

I'm not, both Firefox 1.0 and Netscape 7.2 simply don't react to the click.

javascript.start():  ... :D

feeling good :D

francois

Ditto - then I ran IE and the result was "You are vulnerable" :o:D:D

Glad these guys don't go for Firefox. Yet :D

Posted
Danish security company Secunia has upgraded a security warning on a flaw in Internet Explorer 6.0, to "extremely critical".

The flaw allows malicious code to be loaded onto the machines of Windows XP users, even though they may have installed the XP Service Pack 2 security software.

It opens a machine to hackers even though a user has not completed any action - they simply have to visit a web page containing the rogue code.

Nathan Mercer, technology specialist at Microsoft New Zealand, confirmed that three patches will be released tomorrow morning, NZ time. However, Mercer was unable to say whether the patches cover the Internet Explorer-related issues reported by Secunia.

Check if your computer is vulnerable here:

Secunia has constructed a test, which can be used to check if your browser is affected by this issue:

http://secunia.com/internet_explorer_comma...erability_test/

I am ok now after getting the latest patch from Bill Gates. Phew!

Posted

I would be vulnerable had it not been for Kerio Personal Firewall that intercepted the Command Prompt and asked me if I wanted to permit the action or not. :o

Brilliant firewall. I also use Firefox 99.5% of the time, and IE only when necessary because of site restrictions.

Posted

In Fireofox no problem, of course.

In Windows I have ActiveX turned off. It asks me to turn it on is a page uses it. I would never turn it on if it was a dodgy site. (I.e. anything that's not one of the sites I regularly visit and trust, which is only a handful).

Even after clicking to allow ActiveX though, it came back saying that my security settings prevent me from running it.. So even with IE I would have been okay.

That said, even though I use only Firefox, I did run into some kind of adware that opens op web pages (in Firefox) of ad sites. Even worse: Ad sites that are made to look like an ad for something else. Like it would open 'hotjobs by Yahoo' (with their logo and style and everthing) but the link would point some place else.

I wish someone would make 'bringing these folks to justice' a priority.

Posted

Cool, I run valid licensed windows!!!!!!!!!!!!!!!!!! Just tried the validation step.

The result is a surprise, given that my copy came from Mr. Happy's VCD & Game shop for 100 baht.

My confidence in Mr. Happy has been restored. Highly recommended. :o

Posted
I wish someone would make 'bringing these folks to justice' a priority.

But bring who to justice? Secunia merely identified the vulnerability; nobody's actually exploited it yet.

Okay, it's yet another bug in IE, but it is software - these things happen...

Posted

> But bring who to justice?

Creators of ad-ware, spyware, spam, malware, trojans and viruses, in that order. :D

(Sorry I wasn't too clear on who exactly needs escorting to justice. :o )

Posted

can someone tell me what exactly is activex , and why is it wise to turn it off. and how to turn it off.

(running winxp pro...sp1.,explorer6,zone alarm pro,spybot,microsoft beta,adaware,norton antivirus 2003 pro... would have thought that all that would be protection enough. !)

thanks

Posted
can someone tell me what exactly is activex , and why is it wise to turn it off. and how to turn it off.

(running winxp pro...sp1.,explorer6,zone alarm pro,spybot,microsoft beta,adaware,norton antivirus 2003 pro... would have thought that all that would be protection enough. !)

thanks

Active X is basicly what allows all these little goodies that complicate sites to run. Video, streaming media, etc, are active x applications. Because it interacts with your computer, rather than just displaying a static site, there are risks that it may be used to invade, or compromise your system.

Ten years ago, the internet rocked... then this came along :o

This site will explain it better than I can... I'm way past needing sleep.

http://www.active-x.com/articles/whatis.htm

goodnight

cv

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.



×
×
  • Create New...