• Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Groups
    • Torrents

    Serious security flaw found in IE

    BitTorrent & Internet News
    6
    9
    4564
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • raphjd
      raphjd Forum Administrator last edited by

      hXXp://news.bbc.co.uk/1/hi/technology/7784908.stm

      Serious security flaw found in IE

      Users of Microsoft's Internet Explorer are being urged by experts to switch to a rival until a serious security flaw has been fixed.

      The flaw in Microsoft's Internet Explorer could allow criminals to take control of people's computers and steal their passwords, internet experts say.

      Microsoft urged people to be vigilant while it investigated and prepared an emergency patch to resolve it.

      Internet Explorer is used by the vast majority of the world's computer users.

      "Microsoft is continuing its investigation of public reports of attacks against a new vulnerability in Internet Explorer," said the firm in a security advisory alert about the flaw.

      Microsoft says it has detected attacks against IE 7.0 but said the "underlying vulnerability" was present in all versions of the browser.

      Other browsers, such as Firefox, Opera, Chrome, Safari, are not vulnerable to the flaw Microsoft has identified.

      Browser bait

      "In this case, hackers found the hole before Microsoft did," said Rick Ferguson, senior security advisor at Trend Micro. "This is never a good thing."

      As many as 10,000 websites have been compromised since the vulnerability was discovered, he said.

      "What we've seen from the exploit so far is it stealing game passwords, but it's inevitable that it will be adapted by criminals," he said. "It's just a question of modifying the payload the trojan installs."

      Said Mr Ferguson: "If users can find an alternative browser, then that's good mitigation against the threat."

      But Microsoft counselled against taking such action.

      "I cannot recommend people switch due to this one flaw," said John Curran, head of Microsoft UK's Windows group.

      He added: "We're trying to get this resolved as soon as possible.

      "At present, this exploit only seems to affect 0.02% of internet sites," said Mr Curran. "In terms of vulnerability, it only seems to be affecting IE7 users at the moment, but could well encompass other versions in time."

      Richard Cox, chief information officer of anti-spam body The Spamhaus Project and an expert on privacy and cyber security, echoed Trend Micro's warning.

      "It won't be long before someone reverse engineers this exploit for more fraudulent purposes. Trend Mico's advice [of switching to an alternative web browser] is very sensible," he said.

      PC Pro magazine's security editor, Darien Graham-Smith, said that there was a virtual arms race going on, with hackers always on the look out for new vulnerabilities.

      "The message needs to get out that this malicious code can be planted on any web site, so simple careful browsing isn't enough."

      "It's a shame Microsoft have not been able to fix this more quickly, but letting people know about this flaw was the right thing to do. If you keep flaws like this quiet, people are put at risk without knowing it."

      "Every browser is susceptible to vulnerabilities from time to time. It's fine to say 'don't use Internet Explorer' for now, but other browsers may well find themselves in a similar situation," he added.

      1 Reply Last reply Reply Quote 0
      • raphjd
        raphjd Forum Administrator last edited by

        I have found several other articles on the topic that say that all Internet Explorer current versions {5 - 8 beta} are vulnerable.

        1 Reply Last reply Reply Quote 0
        • U
          unknown69 last edited by

          Oh no I'm at risk… oh wait I'm not using IE.

          1 Reply Last reply Reply Quote 0
          • ulises3177
            ulises3177 last edited by

            @unknown69:

            Oh no I'm at risk… oh wait I'm not using IE.

            No, you aren't safe. Using windows 98 and Firefox 2.0 mmm… :blind:

            1 Reply Last reply Reply Quote 0
            • Y
              yababylol last edited by

              Sometimes I forget that there are still people in the world that use IE.

              1 Reply Last reply Reply Quote 0
              • MrMazda
                MrMazda Global Moderator last edited by

                Sadly, I am the minority of the internet population… Not only do I not use MSIE, but I also REFUSE to use anything Microsoft based. I'm even a little hesitant on using Apple products because of Microsoft's continuous affiliation with Apple behind closed doors.

                Whap The User
                The only difference between martyrdom and suicide is press coverage!

                1 Reply Last reply Reply Quote 0
                • ArmaRayo
                  ArmaRayo last edited by

                  I use Opera. It's a very nice browser with Chromium engine.

                  Opera now has even built in ad blocker (no need to have extra extensions that are harsh on system resources and you don't give out your browsing details to some random coder that did an extension).

                  Opera also has built in VPN!

                  I recommend Opera! hXXp://www.opera.com/

                  1 Reply Last reply Reply Quote 0
                  • MrMazda
                    MrMazda Global Moderator last edited by

                    If you recommend Opera, why are you using Google Chrome?  :funny2:

                    Whap The User
                    The only difference between martyrdom and suicide is press coverage!

                    1 Reply Last reply Reply Quote 0
                    • ArmaRayo
                      ArmaRayo last edited by

                      Oh, actually I'm using Vivaldi browser - but I have decided to dedicate Opera for porn browsing 😉

                      Both Opera and Vivaldi as well as Chrome use Chromium project as browser base with Blink engine (developed by Google & Opera).

                      Chromium project is older than Google, but Chrome is the most "popular" of Chromium/Blink browsers.

                      It's common for sites to register my browser (Vivaldi or Opera) as Chrome, or more so current Chromium/Blink version that the browser uses 🙂

                      1 Reply Last reply Reply Quote 0

                      • 1 / 1
                      • First post
                        Last post