Slashdot Mirror

← Back to Stories (view on slashdot.org)

4 New "Extremely Critical" IE Vulnerabilities

Posted by CmdrTaco on from the are-you-ready-for-fun-and-excitement dept.

TopherTG writes "Buckle your seat belts folks. On what is looking to be the next Black Tuesday, with rumors of 9 new Windows security patches being released, Secunia is reporting on 4 new vulnerabilities in IE that allow for arbitrary code execution and placing content over other windows. Combined with the new Windows patches, it is likely more Download.Ject and Sasser like viruses will be emerging in the coming months."

59 of 1,081 comments (clear)

  1. At what point... by D-Cypell · · Score: 4, Funny

    At what point do we need to shift the focus here and start posting slashdot stories when they find some code in IE that actually works?

    1. Re:At what point... by slash-tard · · Score: 5, Funny

      Im just glad I use AOL to get my interweb.

    2. Re:At what point... by Grey+Ninja · · Score: 5, Funny

      Well, we know for sure at this point that ActiveX works. And the code for creating popups is working quite nicely. Of course, there is the odd time that when autoinstalling some ActiveX controls to autospawn more popups, and creating some more popups at the same time, it can go into an infinite loop and crash, but on the whole, it works quite nicely. =)

    3. Re:At what point... by Anonymous Coward · · Score: 5, Funny

      At what point do we have /. change the IE topic icon to have bugs crawling all over it and eating holes?

    4. Re:At what point... by hazem · · Score: 3, Funny

      Such rediculous spelling. While it can be definately said that the instances of rediculous spelling must certainly be finate, it actually feels infinate!

    5. Re:At what point... by Anonymous Coward · · Score: 2, Funny

      Sure it's not complicated. It's just bits of code put together, right? English words are just letters put together, and yet you managed to screw that up. And I'm sure you've written more English sentences than the Internet Explorer developers have written lines of code.

    6. Re:At what point... by Anonymous Coward · · Score: 1, Funny

      (aol user mode)Me too!(/aol user mode)

    7. Re:At what point... by FireFury03 · · Score: 3, Funny

      Oh hang on, there's a 'Y' in the day, time for another windows security hole :)

      --
      http://blog.nexusuk.org
    8. Re:At what point... by Orick · · Score: 3, Funny


      I'm personally tired of IE criticizing me.

      Now it's going to get "extremely critical" at my vulnerabilities?

      I just can't take it anymore....

      --
      Kirby Reviews

    9. Re:At what point... by magefile · · Score: 4, Funny

      No - replace it with the Firefox icon. Y'know, the picture of a fox eating (or suffocating or ... /me resists the urge to make a dirty joke) the IE logo?

    10. Re:At what point... by BobLenon · · Score: 5, Funny

      In terms of software engineering, IE has proved to be quite the extensible piece of software. Look at how many people are out there developing "addons" with little trouble ;)

      That and they are so easy to install.

      --

      /* Lobster Stick To Magnet!*/
    11. Re:At what point... by Anonymous Coward · · Score: 1, Funny

      No, don't do this....its about time for a Firefox name change.

    12. Re:At what point... by aaron_ds · · Score: 3, Funny

      Like this?

  2. surprise by birdwax2k · · Score: 5, Funny

    surprise, surprise...all i want to know is why you need 9 patches for 4 holes. maybe the first patch fixes 1 and creates 5 more?

  3. The /. Pool by CommanderData · · Score: 5, Funny

    Sorry Funkdid, your bet of Wednesday for the next IE exploit was incorrect. However according to Price is Right rules your bet is the closest without going over, so you win!

    Your prize today is 9 shiny new windows patches! And a new car!

    --
    Urge to post... fading... fading... RISING!... fading... fading... gone.
    1. Re:The /. Pool by Zak3056 · · Score: 5, Funny

      However according to Price is Right rules your bet is the closest without going over, so you win!

      Your prize today is 9 shiny new windows patches! And a new car!

      <game show music>

      But that's not all, Funkdid! Bob Barker is also going to come to your house and personally neuter your dog! Actual retail price of Bob neutering your dog, $129.99!

      </game show music>

      --
      What part of "shall not be infringed" is so hard to understand?
    2. Re:The /. Pool by funkdid · · Score: 5, Funny
      Awesome! hahahha

      If only it was announced tomorrow, I would have won both showcases!!!!!!

      --

      I boycott signatures

  4. Breaking News by Anonymous Coward · · Score: 5, Funny

    A spokesman for Microsoft said, "These are the last 4, we swear!"

  5. Oh, for god's sake! by Anonymous Coward · · Score: 5, Funny

    I'm switching to Lynx.

  6. Re:Black Tuesday? wth? by lachlan76 · · Score: 3, Funny

    From what I hear, it's when Microsoft release patches. Many Patches. In one day. Imagine rushing around, trying to patch all of your computers. *THAT* is Black Tuesday.

  7. Re:"Trusted Computing" by The-Bus · · Score: 5, Funny

    Well at least it's nice of the virus/exploit writers to find flaws now as opposed to during its official release in August...

    --

    Small potatoes make the steak look bigger.

  8. Re:aaaaarrgggggggghhhhhhhhh......... by KevinKnSC · · Score: 2, Funny

    Been reading Snow Crash again, have we?

  9. Internal MS Memo by ccoder · · Score: 5, Funny

    Dear Staff,

    IE has a vew unsolved vulnerabilities to say the least. Download the latest version of Firefox or Mozilla from http://www.mozilla.org/.

    Thanks,
    Bill G

    --
    "During times of universal deceit, telling the truth becomes a revolutionary act" -- George Orwell
  10. Re:Black Tuesday? wth? by Synesthesiatic · · Score: 5, Funny

    When all the sysadmins start jumping out of windows, you'll understand.

  11. Re:IE SP2 RC2 is not vulnerable by Iphtashu+Fitz · · Score: 2, Funny

    So everybody should just run out and upgrade to Win XP? (And install SP2 even though it hasn't been released yet?)

    News Alert: Microsoft forces users to upgrade to Windows XP by releasing viruses/worms that only target earlier versions of Windows and IE.

  12. Is it just me? by Cro+Magnon · · Score: 5, Funny

    Or does the very name of IE sound like a scream?

    --
    Slow down, cowboy! It has been 4 hours since you last posted. You must wait another few hours.
  13. Re:"Trusted Computing" by Threni · · Score: 1, Funny

    naah....that'll just push back the release date of some exploits until september...

  14. Re:Hmmm.... by Mysticalfruit · · Score: 1, Funny

    Your right. "moot" was what I was going for, "mute" came out.

    --
    Yes Francis, the world has gone crazy.
  15. Re:Black Tuesday? wth? by chris_mahan · · Score: 5, Funny

    There are no windows in the basement.

    --

    "Piter, too, is dead."

  16. Re:"Trusted Computing" by supersnail · · Score: 3, Funny

    Buy from "Honest" Bill.

    Nearly original operating systems loved by hackers everywhere at LOW LOW prices!

    Trust Bill! The "Gates Guarentee" will ensure your OS against absolutly nothing for NO EXTRA COST!

    "Fair Play" Bill also GIVING AWAY a range of pre-hacked browsers at low lwo prices.

    --
    Old COBOL programmers never die. They just code in C.
  17. Re:Why don't... by betelgeuse-4 · · Score: 2, Funny

    Because IE is tightly integrated into Windows, so that would mean that Symantec etc.. would be classifying Windows as a ... oh wait, good idea!

    --
    Decode these
  18. Re:Black Tuesday? wth? by hoggoth · · Score: 5, Funny

    > I think blacktuesday has something to do with a stock market crash back in the day. 1987 maybe? I am not sure.

    "back in the day" ... "1987" ...
    God I feel old...

    --
    - For the complete works of Shakespeare: cat /dev/random (may take some time)
  19. Re:Solution: by Anonymous Coward · · Score: 5, Funny
    Naturally, the only thing that can distract screeching Slashbots from frothing over a new Windows vulnerability is the rare presence of a girl.

    Boy, MS' spin control just gets more clever by the day...

  20. Re:Black Tuesday? wth? by blackmonday · · Score: 4, Funny

    Dangit, just one day before, and my band could have had a slashdotting. I couldda been a contenda.

  21. Maud'dib would be proud by Prince+Vegeta+SSJ4 · · Score: 4, Funny
    In other news, wormherders around the world once again had something to rejoice about. Chief Wormherder Paul Maud'dib had this to say:
    • "We were dealt a serious blow with some of the latest security patches, however, we found out that after a while the product still works,

    • Just set a box of Windows XP out in the field, and the worms keep rolling in. They stopped for a moment and we were afraid we would have to go back to the old method of using shovels and a bucket. But, like magic, they kept coming and coming.

      All hail the Quizatz Hadderach!

  22. Re:No Surprise by hypnagogue · · Score: 3, Funny
    I am waiting for ... Web Developers to write code that is compatible with all browsers
    I disagree. I think "browser incompatibility" can be used as a proactive solution to the IE situation. If folks would set up their web servers to rewrite any GET request from IE to a page that says "You are running Internet Explorer. This website cannot support users of Internet Explorer due to its inherent security flaws."

    Then redirect them to http://www.mozilla.org after 10 seconds.
    --
    Liberty you never use is liberty you lose.
  23. Got Sploit? by HangingChad · · Score: 4, Funny
    MSFT's only had what? Seven or eight years to work out the security issues in IE. Instead of getting better it seems to be getting worse.

    Remember when 2000 was supposed to be the most secure ever? Then XP? Now it's Longhorn. I didn't believe them then and I don't believe them now.

    I feel sorry for the poor Windows poopies. Paying big bucks to get porked like a cheap prom date. And not so much a kiss from Billy boy.

    --
    That's our life, the big wheel of shit. - The Fat Man, Blue Tango Salvage
  24. Re:Solution: by hawkeyeMI · · Score: 2, Funny
    There's nothing relating to geekiness in blaming your boyfriend/husband. Women seem to be entitled to that by human nature.

    *ducks*

    --
    Error 404 - Sig Not Found
  25. Re:Obligatory FireFox Boosterism by Frank+T.+Lofaro+Jr. · · Score: 1, Funny

    That is so ironic it almost defies belief.

    Considering that msn.com is Microsoft. :)

    --
    Just because it CAN be done, doesn't mean it should!
  26. Re:Obligatory FireFox Boosterism by Anonymous Coward · · Score: 1, Funny

    No don't tell all of your friends to switch. I like using a virus free browser. If eveyone switched then there would be viruses written for firefox!

  27. Re:Is it bone-idleness or Ignorance? by Ignignot · · Score: 2, Funny

    As an IE user, I was going to respond to this with proof that Firefox is just as bad as IE. Then I realized that I have no idea how to use Firefox in place of internet explorer because it appears to be some sort of shipping company. Also, my fingers are tired from writing this post so I'm just going to stop.

    --
    I submitted this story last night, and it didn't get posted.
  28. Re:Obligatory FireFox Boosterism by fuzzix · · Score: 2, Funny
    Obviously anyone who hasn't made all their Windows 'friends' switch to FireFox needs to do so now.

    I did. One of my friends took some serious effort - Next time I spoke to him I asked him how FireFox was going:
    "It was wrecking my head so I went back"
    Me: "Don't come crying to me when the Russian mafia have your credit card numbers!"
    I think he's gone back to the fox... :)
  29. In Other News... by lukateake · · Score: 5, Funny

    It's Tuesday.

  30. Re:Hmmm.... by DrunkenTerror · · Score: 2, Funny

    It would be cool if my remote control had a moot button... But what would it do?

    I guess it would be pointless, really.

  31. Re:Alternative Browser Security Question... by tmbg37 · · Score: 2, Funny

    it's kinda like MAC users saying how the MAC is so secure because all of the viruses are windows viruses...well, that's because no one bothers to write a virus for MACs...

    I dunno, it seems like everybody on slashdot, (maybe even the whole Internet!) is using MAC addresses, and I can't remember the last time someone wrote a virus for them.

    --
    This comment was thought up very late at night and does not necessarily reflect my views at a more reasonable hour.
  32. Re:To quote an engineer I spoke to recently... by S.O.B. · · Score: 2, Funny

    I'd say running Internet Explorer is more like pulling your pants down and screaming "rape me" in the middle of the exercise yard of a maximum security prison.

    --
    Some of what I say is fact, some is conjecture, the rest I'm just blowing out my ass...you guess.
  33. Well Now by quantaman · · Score: 4, Funny

    It seems like somebody was jelous of a certain other browsers bug now weren't they?

    --
    I stole this Sig
  34. Re:Solution: by Anonymous+Writer · · Score: 3, Funny
    what's a girl to do??

    Her nails.

  35. The best browser is.... by Anonymous Coward · · Score: 1, Funny

    Telnet over port 80.

  36. Re:IE Developers by GoofyBoy · · Score: 4, Funny

    >More like Microsoft's human resources problem of hiring people from good colleges who lack real programming experience.

    Didn't get the MS summer job either, huh?

    --
    The surprise isn't how often we make bad choices; the surprise is how seldom they defeat us.
  37. Re:Interesting... by RoLi · · Score: 3, Funny
    Because those are the last 4 Microsoft vulnerabilities ever, you won't need Windowsupdate.

  38. Does this affect the mac version as well? by foidulus · · Score: 2, Funny

    On occasion I am forced to run the mac version of IE, how many of these exploits actually affect the mac version(which is rather old at this point)?

  39. Re:Using IE is like having sex without condoms... by jamesangel · · Score: 3, Funny

    Insecure, but a more enjoyable user experience?

  40. Re:aaaaarrgggggggghhhhhhhhh......... by isyd0r · · Score: 2, Funny

    A day in the life of MSIE

    And bill spoke and I went into a nightmare
    I heard the news today oh boy
    Four thousand holes in IE, Microsoft
    And though the holes were rather critical
    They had to count them all
    Not they know how many holes it takes
    To fill the Windows XP SP2.
    I'd love to turn bill off.

  41. Go text based! by The_Candyman · · Score: 3, Funny

    I say we just switch to Lynx and forget about all these vulnerabilities!

    Doh, guess I'll just have to switch to ascii porn!

  42. Re:Even MS Fans Are Switching by accessdeniednsp · · Score: 2, Funny

    I'm a fan of Microsoft. I like most of their products. I make a living off their development tools and platforms. I'm incredibly happy with Windows 2003 Server. I typically defend Microsoft whenever I get the chance.

    translation:

    "Kick Me".

    dork.

  43. The way to get them all to change: read it here! by ScytheBlade1 · · Score: 2, Funny
    This is in refrence to a post of mine up there some, here, and someone suggested that I repost it in the main thread. So, here goes.

    I swear, why didn't anyone else think of it before...


    <email>
    With the recent AOL and Intel merger, that you've all got an e-mail about before, I'm sure, both AOL and Intel (hereby refered to as Antel), have issued several warnings about your web browser, Internet Explorer.

    With Bill Gates tracking all of these e-mails, he's been able to prove that there's about 96% of the world (that has a computer) using Internet Explorer. However, for the first time, Bill Gates may be wrong!

    There have been several recent attacks against Internet Explorer, and these are not limited to:

    If you click a link in your e-mail, IT MAY ERASE YOUR ENTIRE COMPUTER!

    Just by opening up a webpage, without your knowledge, IE could install several harmful programs that read your e-mail and send your credit card number, name, and all other personal information to hackers across the internet!
    Because of these possibilites, Antel has issued several warnings to stay away from Internet Explorer, and instead use Mozilla, Firefox, or Opera.

    Now go spread the word to all of your friends!!one1!

    Prove the power of e-mail! Forward this to everyone in your address book asap!

    IF YOU DO, ANTEL WILL REWARD YOU WITH A $20 ANTEL GIFT CERTIFICATE!
    </email>

  44. Re:Windows patch 841873 disabled Mozilla Firefox!! by don.g · · Score: 2, Funny
    Running XP with all current updates (except 841873) on a P4 3 ghz with 512K.
    There's your problem. Firefox needs more RAM. Hell, I'm surprised XP runs in 512K!
    --
    Pretend that something especially witty is here. Thanks.
  45. Feeling sorry for IE by Trinition · · Score: 2, Funny

    I'm starting to feel sorry for IE. Everyone's picking on it. It does have some nice features: