Slashdot Mirror

← Back to Stories (view on slashdot.org)

Latest IE Hole Lets Gopher Root You

Posted by ryuzaki0 on from the well-isn't-that-special dept.

rvaniwaa writes "Another hole in internet explorer has been discovered. This hole allows a hacker to root a user's computer whenever the user clicks on a gopher link. All versions of IE are affected and a Microsoft spokesman stated that the company is "moving forward on the investigation with all due speed""

33 of 533 comments (clear)

  1. Too damn obvious by CaseyB · · Score: 5, Funny

    Let the "gopher hole" jokes begin.

    1. Re:Too damn obvious by Bob+McCown · · Score: 2, Funny
      OK...

      Here's one

    2. Re:Too damn obvious by kesuki · · Score: 4, Funny

      If this proves anything, It proves that you can't trust gophers. It's just like caddyshack all over again... those mangy critters, rooting IE.

      --
      https://www.gnu.org/philosophy/free-sw.html
    3. Re:Too damn obvious by Jucius+Maximus · · Score: 4, Funny
      Is it wednesday already? Time sure flies.

      I didn't expect the next roothole announcement to appear so soon.

  2. Not thursday yet by Gyorg_Lavode · · Score: 1, Funny

    Humm, it's early this week.

    --
    I do security
  3. hostile Gopher site? by Fantanicity · · Score: 4, Funny

    "hostile Gopher site"? Ouch ... I think shall wear kevlar underpants while using IE in future.

  4. And how's that working for ya? by jimmu · · Score: 4, Funny

    From the article:

    In January, Microsoft Chairman Bill Gates instructed employees to make software security a top priority.

    Yeah, looks like everythings moving full steam ahead on that front.

    --

    ----
    One of us needs to stick ones' head in a bucket of ice water.
    - Hobbes
  5. New MS Hacker Slogan by Anonymous Coward · · Score: 5, Funny

    "Where do you want to gopher today?"

  6. ObCaddyshack: by kafka93 · · Score: 3, Funny

    "I smell varmint poontang, and the only good varmint poontang is dead varmint poontang, I think."

  7. And we all know by TheDick · · Score: 1, Funny

    How damn common those gopher links are, I click on hundreds per day, whatever am I going to do?

    Use Archie!

    --

  8. well you can't expect... by arson1 · · Score: 5, Funny

    Well you can't expect Microsoft to keep up with all these new technologies and formats!

    --


    --
    Don't sweat the petty things, and don't pet the sweaty things.
    1. Re:well you can't expect... by SethJohnson · · Score: 2, Funny


      You have a strong understanding of the obvious, but a weak sense for sarcasm. Congratulations. You'll probably be promoted into management.
      --
      $5 / month hosted VPS on linux = awesome!
  9. Yay I'M SAFE! by ramdac · · Score: 2, Funny

    I don't have a root user...this must mean my M$ machine is perfectly safe!?

    1. Re:Yay I'M SAFE! by Kizzle · · Score: 4, Funny

      Thats what sucks about windows, you can't say that you rooted some one. Saying "I AMINISTRATORED YOU!" just doesnt sound cool.

      --
      Hacker Media
    2. Re:Yay I'M SAFE! by zulux · · Score: 5, Funny

      The best thing about Windows?

      It forced me to learn to spell 'administrator.'

      Kinda like how FTP forced me to learn to spell 'anonymous.'

      Or somthing.

      --

      Moneyed corporations, non-working 'poor' and criminal prisoners are turning productive citizens into tax-slaves.

  10. New Product: Microsoft Door by Ghengis · · Score: 2, Funny

    Keep the burglars out of your house with the new Microsoft Door. Complete with not dead-bolts, but tape, yes TAPE to keep it locked. Also, we've reached an all new level of user friendliness with the omission of door-knobs!!!

    --

    "The best laid plans of mice and men gang oft agley..." - ROBERT BURNS

  11. Comment removed by account_deleted · · Score: 2, Funny

    Comment removed based on user account deletion

  12. 9 out of 10 Terrorists agree! Microsoft's secure! by JohnDenver · · Score: 4, Funny

    Obligitory reference to story posted earlier today...
    'Think Tank' Issues Microsoft-Funded Troll

    According to this ZDNet article, a Washington think tank known as the Alexis de Tocqueville Institution is soon to release a study stating that Open Source Software allows terrorists an easy time hacking into our systems. It's little suprise that this group takes money from Microsoft." The Register's story is good too. All the whoring reports in the world won't make open source any less secure.

    Everybody knows terrorists love to target Mozilla users by sending them links which causes there system to email Star Office attachments to everybody with payloads that will delete all your OGGs and PNGs by exploiting security holes in Sendmail.

    --
    "Communism is like having one [local] phone company " - Lenny Bruce
  13. Whack-a-Mole (not quite a gopher joke, but... by dpilot · · Score: 4, Funny

    certainly more applicable to the concept of fixing security holes in Microsoft software.

    FYI: Whack-a-Mole is an old arcade game where you hold a padded mallet facing a slightly inclined surface with a half-dozen or so holes. Periodically a little mole pops up from a hole, and you try to whack him before he goes back down on his own. A little bit like playing XBill, only in the Real World.

    --
    The living have better things to do than to continue hating the dead.
  14. Since When by quantaman · · Score: 3, Funny

    A Microsoft spokesman who refused to be identified said Tuesday that the company is "moving forward on the investigation with all due speed" and will take the action that best serves its customers.

    Since when did M$ start offering downloads of Mozilla?

    --
    I stole this Sig
  15. This was in the works for some time by BoxJockey · · Score: 2, Funny

    As you can imagine, "the gopher hole" was a project microshaft envisioned early-on. They couldn't let this go public until they had something to catch the little beasts with. Fortunately now they can catch the gophers with microshaft's giant .net.

    --
    "UNIX was not designed to stop you from doing stupid things, because that would also stop you from doing clever things."
  16. mosiac money by OpenMind(tm) · · Score: 2, Funny

    The possibility of this being a Mosaic hole reminds me of one of life's fun little ironies:

    Marc Andreessen wrote Mosaic while at the University of Illinois. After he went on to found Netscape, Microsoft came to an agreement with the University of Illinois to license the Mosaic source code to use it as the core of the Internet Explorer browser. The fact that they still license it is referenced in IE's "About Box". Now the UofI's intellectual property policy is that the creators of the property get ~40% of the licensing money. So, the odds are pretty good that Marc gets annual checks of Microsoft money to pay for his old source code, which was used to destroy his beloved company. Makes me feel bad for him.

    Still, it is kind of funny that Microsoft ends up paying some miniscule part of my University salary because they've never been able to write a web browser from scratch.

  17. New MS Slogan! by Hiro+Antagonist · · Score: 3, Funny

    Microsoft: Now with more exploited holes than a two-dollar hooker.

    --

    --
    I Hit the Karma Cap, and All I Got Was This Lousy .sig.
  18. Get Your Easy Fix Right Here!!!! by kryzx · · Score: 5, Funny
    It is really easy to fix this problem with this script I wrote. Just click on the link below to get it.

    gopher://gopher.URr00t3d.ru

    --
    "I don't know half of you half as well as I should like, and I like less than half of you half as well as you deserve."
  19. Re:All three gopher links left.. by BlowCat · · Score: 3, Funny
    This reminds me a joke about a sword incompatible with non-certified dragons :-)

    Just because nobody uses something legitimately, it doesn't mean that nobody will use it maliciously.

  20. Re:Or... by SethJohnson · · Score: 4, Funny


    I think it is then your responsibility to intentionally fall victim to every IE / Outlook exploit that comes around. Make your suffering public within the company. Demonstrate how your productivity is reduced due to the draconian browser and mail client policies of your company. After repeated episodes of the IT crew re-imaging your machine, perhaps they'll reconsider.
    --
    $5 / month hosted VPS on linux = awesome!
  21. like visiting porn/warez sites by Kris+Warkentin · · Score: 2, Funny

    Closing all the pop-up windows that you get at some sites is like playing whack-a-mole.

    --

    In Soviet Russia, hot grits put YOU down THEIR pants.
  22. Oh my gosh! Gopher! by interstellar_donkey · · Score: 2, Funny

    This could bring the entire Internet community to a halt!

    Next thing you know, they'll discover people using IE for archie searches will allow users to hack your windows box too.

    ---

    --
    The Internet is generally stupid
  23. Special Offers by CMiYC · · Score: 4, Funny

    I found it humorous that in the "Special Offers" Box there was a ad/link that read: "Access Your PC from Anywhere - Free Download"

  24. Re:Buffer overflow, buffer overflow, buffer overfl by digidave · · Score: 4, Funny

    The problem is that with only 32-bit addressing it's impossible to programatically store all of the bugs in Microsoft's software.

    --
    The global economy is a great thing until you feel it locally.
  25. Microsoft Has Already Released A Patch!! by Entropy_ah · · Score: 3, Funny

    Click here to download it.

    --
    my other penis is a vagina
  26. Re:What the hell is this about? by Freija+Crescent · · Score: 3, Funny

    And just why should we trust anything this guy says? Their official spokesman won't even stand by what he's saying. And what is he saying, anyway?

    His identity is being protected through obscurity. If he open-sourced his name, his job/email account/etc would be open to attack.

    So again, as far as Microsoft is concerned, it's the fault of the people who publicized it. It's prudent to assume these guys are not the only ones who know about the problem. Which means my information is already at risk.

    Your information has been at risk ever since installing your operating system. You agreed to the EULA upon installing it, and that paper holds you responsible for data sharing, you agreed to not hold Microsoft responsible for data loss, intrusion, etc. Also what concerns me is that you claim that other people know about the problem. That is unlikely, as the EULA also forbids reverse-engineering the code to find exploits.

    Additionally, you have the DMCA to protect you, which means that if anyone tries to circumvent the data safeguards on your system, they will be prosecuted.

    I think you are being overly paranoid.

    -fc

    --
    . echo -e \\04 > /dev/hand1
  27. Re:All three gopher links left.. by snake_dad · · Score: 4, Funny
    (Where's the demo anyway, dammit, I'm dying to play!)

    You mean you haven't found it yet? It's right here!

    --
    karma capped .sig seeking available Slashdot poster for long-term relationship.