Slashdot Mirror


IE Download.Ject Exploit Fixed

Saint Aardvark writes "Just in time for the weekend, the Internet Storm Center is reporting that Microsoft is providing a fix for the Download.Ject vulnerability that hit IE late last month. The press statement says that it'll hit Windows Update later today..."

3 of 421 comments (clear)

  1. Re:FYI by quadra23 · · Score: 5, Insightful
    This is just another "this will help for now, please wait for the real fix" incident from Microsoft.

    I think I lost count at about 1000 when it comes to these "this will help for now..." When it comes to IE most fixes end up as patches that can actually break more than they fix. I think the Dept. of Homeland's Security recommendation of not using IE speaks loud and clear to this.

    Microsoft could start but not allowing web sites to automatically run malicious code, just as Outlook has the same tendency with emails (which incidently, most email viruses spread rapidly with).
  2. Loaded terminology... by Anonymous Coward · · Score: 5, Insightful

    "Late last month"

    vs.

    "A week or so ago"

    I know Microsoft is not one for timely updates, but this wording makes it sound like Microsoft has been sitting on this particular problem a lot longer than they have.

  3. IE Features by johnhennessy · · Score: 5, Insightful

    What use are IEs extra features if they have to be turned off by default.

    ActiveX should never have been embedded into a browser in the way it has been. Yet most of the sites that I have to use IE for is because of ActiveX controls.

    Microsoft tricked a lot of the world into using ActiveX and now they're paying the price.

    I can hear the support conversations already -
    "Yes, if your security zone is set to high your computer won't be vulnerable. But if you want to view anything with ActiveX (read: multimedia) you'll have to turn these vulnerabilities back on."

    Does anyone else find this mildly insane ?

    --
    [ Monday is a terrible way to spend one seventh of your life. ]