Slashdot Mirror

← Back to Stories (view on slashdot.org)

Several Critical MSIE Flaws Uncovered

Posted by Zonk on from the it's-not-all-roses dept.

An anonymous reader writes "Several flaws have been uncovered by security firm eEye in Microsoft's Internet Explorer. The flaws allow remote compromise of computers running Windows Operating Systems and affect IE, Outlook and possibly other MS software. With the next MS Windows security bulletin release scheduled for June 14, 2005 news sources are reporting that in comparison with the Mozilla Foundation's prompt fix for the recently reported Mozilla 1.0.3 vulnerabilities MS appear to be leaving a large window for the possible malicious exploitation of these flaws."

27 of 388 comments (clear)

  1. Thanks Microsoft! by Anonymous Coward · · Score: 5, Funny

    I know some people around the Mozilla camp were a bit afraid of how the media would cover their recent security problems. But, once again, Microsoft's really come through by offering problems of their own to take the spotlight off Firefox.

    1. Re:Thanks Microsoft! by wfberg · · Score: 5, Funny

      Browsers are like cheerleaders. They're popular, and they might say they use protection, but you'd better know they get around.

      --
      SCO employee? Check out the bounty
    2. Re:Thanks Microsoft! by eyegone · · Score: 4, Funny


      No one would be stupid enough to try and make an email client be an applications platform

      Ever hear of Lotus Notes?

      --
      "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety."
    3. Re:Thanks Microsoft! by Kent+Recal · · Score: 4, Funny

      Ever hear of Lotus Notes?

      Yes, I have and it is a nice proof for grandparents statement.

  2. Dupe? by Kohath · · Score: 5, Funny

    Is this story a dupe?

    I could swear I read about security problems in MSIE before...

    1. Re:Dupe? by lostwanderer147 · · Score: 2, Funny

      No, no you haven't. It's all just the vast liberal conspiracy. They just want you to hate America. Now move along and go collect your tax refund.

      --
      All your .sig are
    2. Re:Dupe? by ninja_assault_kitten · · Score: 1, Funny

      Nope, you're confusing it with Firefox.

    3. Re:Dupe? by HermanAB · · Score: 5, Funny

      No, it is all the people that are still using MSIE that are duped.

      --
      Oh well, what the hell...
  3. But thats not fair! by Anonymous Coward · · Score: 5, Funny

    People taking advantage of Microsoft's upgrade release cycle to discover security flaws when there's a month to go to the next upgrade!

    I hereby demand that everyone only look for security flaws the week before the scheduled security update so that Microsoft can continue to claim it patches all their flaws in a timely manner!

  4. Good for bidness by yofal · · Score: 5, Funny

    There's no rush cause we've got something to sell!

    http://www.microsoft.com/windows/onecare/default.m spx

    --
    lisa bonet ate no basil
  5. Re:Great.. by 0x461FAB0BD7D2 · · Score: 5, Funny

    IE lite? You mean less features than IE already has? I think that's called telnet isn't it?

  6. Poor choice of slogan by rokzy · · Score: 5, Funny

    who came up with the clever design idea of making eEye's slogan "Vulnerabilty Is Over" and then pasting it at the bottom of each vulnerability report as if it's a status message?

    reminds me of the Simpsons scene where someone is reporting a crime via a radio and says "over" at the end of the transmission. then Wiggum says "thank god that's over". karma for the first person to find the quote, but I only have the real kind not the /. stuff.

  7. Deja-vu by Anonymous Coward · · Score: 2, Funny

    That's simply called a "deja-vu", you see, that's what happens when either: the matrix has been modified, or you've been in front of the computer tooo long, or you're dealing with a bug advisory of a ordered group of flaws, bugs and exploits conventionally named "Internet Explorer".

  8. Re:A large window? by Anonymous Coward · · Score: 1, Funny

    oooh 10 days before it was known to the public

    well these IE flaws are known and ms probably knew about them for 3 years already and we still have to wait another month for a fix

  9. Lets take them down hard.. by E+IS+mC(Square) · · Score: 4, Funny

    BG: What, Firefox has a critical flaw? They are hogging all media attention for that? Fuck that. Hey tech team, how many more IE vulnerabilities have not been reported yet?

    Tech team: 349 that we know of, SIR!

    BG: Good. All critical?

    Tech team: ALL CRITICAL, SIR! YES SIR!

    BG: Good. Hey PR team, take the first 10 of them, contact some security firm and 'leak' them.

    PR: YES SIR!

    BG: Now we will see what firefox is going to do about this.

    (Evil laugh all around)

  10. Re:The remote exploit by Rosco+P.+Coltrane · · Score: 1, Funny

    The remote exploit is why I use OS X.
    My time is worth it.

    Are you a lawyer?

    --
    "A door is what a dog is perpetually on the wrong side of" - Ogden Nash
  11. Re:Great.. by VStrider · · Score: 4, Funny

    IE lite? You mean less features than IE already has? I think that's called telnet isn't it? Excellent! Plus...telnet will keep you insecure, in the spirit of IE.

    --
    VStrider.
  12. Re:IE is not a Browser by Tibor+the+Hun · · Score: 5, Funny

    Go easy on him, he must be new around here.

    --
    If you don't know what AltaVista is (was), get off my lawn.
  13. Is MSIE addictive? by Mother+Sha+Boo+Boo · · Score: 2, Funny

    Almost every week I receive an email or an IM of a friend complaining their pc's are full of spywares, porn and gambling pop-ups, search bars, or: "I can't reach Google! Oh my God, it just opens porn!". I always say: "Try another browser, Firefox is pretty friendly". A friend of mine switched back to IE just because Firefox sorted her imported IE bookmarks alphabetically, instead of keeping the old order. Come on, it can't be only this.... MSIE must be addictive somehow...

  14. No, NO. by game+kid · · Score: 4, Funny

    It should have a Javascript DOM-based moving or something. Marquees are, like, so IE3.

    Better yet, be thoughtful of screen-reader users, and make it a static list that has scrolling abilities.

    --
    You can hold down the "B" button for continuous firing.
  15. Re:Simple solution: restricted user for browsing by mcc · · Score: 2, Funny

    For some reason reading this suggestion the phrase comes to mind "the terrorists have already won".

    --
    Irritable, left-wing and possibly humorous bumper stickers and t-shirts
  16. Re:Please tell me you don't write code. by ssj_195 · · Score: 2, Funny
    In other words, the flaws aren't errors in code writing, the flaws magically spaw when a certain number of people use it.
    I call it the Heisenberg Insecurity Principle.
  17. In other news... by fm6 · · Score: 1, Funny

    ...scientists report that water is wet.

  18. Re:IE is not a Browser by ThisIsFred · · Score: 2, Funny

    Just playing devil's advocate here, but by now, everyone should know that IE isn't just a browser. It's foremost a user shell for Windows, and also a development framework. It just happens to be able to render HTML, XML, and has partial compatibility for CSS as well.

    --
    Fred

    "A fool and his freedom are soon parted"
    -RMS
  19. Time for the season finale... by mtec · · Score: 3, Funny

    These are the voyages of the browser Explorer, It's mission; to explore strange new exploits and seek out new viruses and hacker civilizations, to boldly expose data not exposed before!!
    *cue music*

    --
    Cake or Death? Cake Please!
  20. ... Timing! by SEWilco · · Score: 3, Funny
    With the next MS Windows security bulletin release scheduled for June 14

    Note to security companies: Schedule your next flaw announcements on June 15.
    Yes, everyone on the same date.

  21. Exerpt from "The Devil's DP Dictionary" by rah1420 · · Score: 2, Funny

    One-line Patch: A kludge so trivial that no testing is necessary. Repaired with another one-line patch. See Recursion.

    Recursion: See recursion.

    --
    Mit der Dummheit kämpfen Götter selbst vergebens.