Microsoft Probing New Hole In Ie Security

[terenceyeo]

Microsoft probing new hole in IE security

SAN FRANCISCO (AFP) - Fresh from patching an Internet Explorer (IE) flaw exploited in cyberattacks on Google and other firms, Microsoft is looking into a newly exposed vulnerability in the browser software.

"Microsoft is investigating a responsibly disclosed vulnerability in Internet Explorer," Microsoft Trustworthy Computing group manager Dave Forstrom told AFP on Wednesday.

"We're currently unaware of any attacks trying to use the vulnerability or of customer impact, and believe customers are at reduced risk due to responsible disclosure."

Read more: http://nz.news.yahoo.com/a/-/technology/67...in-ie-security/

-- AFP 2010-02-04

[Samuian]

the whole thing seems to be a gigantic hole!

[terenceyeo]

welcome to the world of micro and soft.

firefox and chrome are cool stuff.

the whole thing seems to be a gigantic hole!

[SeanMoran]

The software giant issued a security advisory warning of the danger and recommending XP users enable a 'Network Protocol Lockdown' feature and IE software be set to 'Protected Mode'.

Isn't Protected Mode that which is not Real Mode, enabling a program to access RAM addresses beyond 640Kb? It certainly would seem a worthwhile idea that IE should be run in Protected Mode in this day and age.

[nikster]

The software giant issued a security advisory warning of the danger and recommending XP users enable a 'Network Protocol Lockdown' feature and IE software be set to 'Protected Mode'.

Isn't Protected Mode that which is not Real Mode, enabling a program to access RAM addresses beyond 640Kb? It certainly would seem a worthwhile idea that IE should be run in Protected Mode in this day and age.

The only protected mode that IE knows is called Firefox.

@Samuian - that's closer to the truth than you think. The idea back when with Windows, and also with IE was that "everything can access everything else". Much more convenient than those ancient unix systems where everything is protected. Even Active X was implemented with that in mind. Isn't it great - your browser can do anything it wants on your computer.

Well we all know how well that went, and now IE is wrapped by many layers of band-aid to provide some semblance of security.

[SeanMoran]

The software giant issued a security advisory warning of the danger and recommending XP users enable a 'Network Protocol Lockdown' feature and IE software be set to 'Protected Mode'.

Isn't Protected Mode that which is not Real Mode, enabling a program to access RAM addresses beyond 640Kb? It certainly would seem a worthwhile idea that IE should be run in Protected Mode in this day and age.

The only protected mode that IE knows is called Firefox.

Short memories. It's interesting to watch Microsoft's own ignorance digging itself a grave to fall into.

[Crushdepth]

Simple solution: Get another browser. Microsoft has had plenty of opportunity to demonstrate that they don't give a shit about the security of the products. Whatever happened to 'trustworthy computing' or whatever it was? I had this stupid idea they were going to audit their code?

Edit: IE market share fell below 50% in January. They've lost market every quarter for years. Going down the toilet slowly but very surely.

Edited February 4, 2010 by Crushdepth

[cdnvic]

The only protected mode that IE knows is called Firefox.

[Supernova]

Microsoft Security Advisory - Vulnerability in Internet Explorer could allow information disclosure

[bendejo]

I like the title. It can be altered to

"Microsoft probing new hole to screw customers" at the next product introduction.

[terenceyeo]

go for firefox or chrome.