Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft to Issue Out-of-Cycle Patch for IE

Posted by CmdrTaco on from the download-reboot-repeat dept.

rsw writes "Microsoft will be breaking their normal patch cycle and issuing a patch for the Download.Ject attack (a.k.a. Scob). They claim that the forthcoming patch will be a "long-term solution to the core vulnerability" exploited by Scob." Note that this does not mean that they are replacing IE with FireFox.

10 of 391 comments (clear)

  1. Re:Wow by chrisgeleven · · Score: 5, Informative

    Except this patch was needed a few weeks ago (and the exploit if I remember right has been known for months).

  2. Re:Firefox by AliasTheRoot · · Score: 4, Informative

    /. doesn't exactly produce the most compliant html...

    however I've never had any problems with the site using firefox.

  3. Re:Firefox is not the answer. by kid_wonder · · Score: 5, Informative

    I disagree. I use firefox for just about everything; online banking, online account management, etc. Every once in a while I need to open up IE to view a flash animation or some other stupid site that uses ActiveX - but at that point I know what they are trying to do and can establish the risks of going to it in IE.

    btw, regarding all these /. problems, for some reason I get this render problem intermittently, but a simple reload typically handles the problem.

    --

    "Oh, you hate your job? There's a support group for that, it's called everyone, they meet at the bar."
  4. Re:Does anyone use IE anymore? by ErichTheRed · · Score: 4, Informative

    The problem I found is that a lot of web apps are coded for IE's "extensions" that don't translate over to Firefox. We have a few internal apps at work like that, but there are public examples too. E.g, my power company paid some contractor to put together an online bill pay system for them, and obviously they're not interested in fixing it. Open the page in IE, and it works fine. Open it in Firefox, and you get a blank screen.

  5. Re:Firefox is not the answer. by PeteQC · · Score: 5, Informative

    There is a lot of "broken" sites that won't be right in IE when Microsoft will release it's SP2 for XP with a lot of added security to IE.

    Pop-up won't show, and all the non-correctly defined elements won't show right neither. So, maybe finally the webmasters will correct their sites.

    --
    Montreal - Best city to live in!
  6. Remove need for patching...by removing IE. by The+Fifth+Man · · Score: 5, Informative

    Build a CD of Windows 2000 without IE (or Outlook, etc. etc)

    Build a CD of Windows 2k, XP, or 2k3 without IE (or Outlook, etc. etc)

    Download an IE removal program for Win2k

  7. Re:Is there something wrong with me? by GigsVT · · Score: 5, Informative

    My wife was infected by spyware by simply visiting a site that was an etrade affilliate site (they were offering a free PDA if you opened an etrade account).

    She told me at the time the only difference between her computer and her friend that sent it to her was that she had Sun Java installed and he didn't. He didn't get infected and she did.

    This was several months ago, she searched and didn't find any exploit info about it.

    A couple days ago she found the exact exploit she had encountered on a vulnerability list, a combination of Sun Java and an IE bug cause a certain vulnerability.

    So you might think you are safe, but how many "zero day" or unknown exploits, such as the one my wife got infected by spyware via are out there?

    --
    I've had enough abrasive sigs. Kittens are cute and fuzzy.
  8. Do people care? by taylortbb · · Score: 5, Informative

    Do people care about IE security problems? Most do actually, people just either don't know about the vulnerabilities or if they do they don't know there's anything that can be done.

    Everyone I know when I talk to them about how bad IE is, if they listen, switches to Mozilla, I switched my school's computers and those of atleast 60 others.

    People are listening now more than ever, its becoming so bad (atleast one a week) the mainstream media is even going "Another Internet Explorer vulverability has been found".

    All I tell people is that:
    1. Mozilla works faster
    2. It has a pop-up blocker
    3. It is immune to those once a week IE vulnerabilities
    4. You just about don't get spyware (and mention keyloggers). <---The Killer One And BTW, I use Firefox 0.9.2 (mozilla.org build for Linux/x86) and have never had problems with how /. renders.

  9. Re:beige by threephaseboy · · Score: 4, Informative

    theres a better way. change the url from it.slashdot.org to just slashdot.org
    or whatever.
    example:
    http://it.slashdot.org/article.pl?sid=04/07/29/175 1213 turns into
    http://apple.slashdot.org/article.pl?sid=04/07/29/ 1751213

    --
    .
  10. Re:Does anyone use IE anymore? by aWalrus · · Score: 3, Informative

    That conclusion is a non sequitur, since it is usually made from the standpoint of webmasters who have non-compliant sites that break in alternate browsers. If you're looking at the traffic statistics for your site that breaks in Firefox, it is *obvious* that you won't find very many Firefox users, since you're driving them away.

    To provide some numbers, check the Google Zeitgeist. Although it does show that IE 6 has a clear dominance, the Mozilla traffic is on par with IE 5.0 and IE 5.5 -- If you support those, you should support Mozilla.

    If you go to more techie-oriented sites you'll see very different results. In my site's own stats, IE accounts for less than 50% of visitors (and yes, there *are* more than 5 people visiting daily).

    --
    Overcaffeinated. Angry geeks.