Slashdot Mirror


Zero-Day IE Exploit Takes Control of PCs

anethema writes "A remote IE exploit with implementations is currently in the wild. From the article: 'Exploit code for a critical flaw in fully patched versions of Microsoft Corp.'s Internet Explorer browser has been released on the Internet, putting millions of Web surfers at risk of computer hijack attacks.' Aparently all you have to do is browse the page to be affected. There is no patch, but since it is a JavaScript exploit, you can work around it by disabling JavaScript."

18 of 567 comments (clear)

  1. And as usual... by Billosaur · · Score: 5, Funny

    From eWeek: The group that published the exploit said Microsoft has been aware of the Javascript Window() vulnerability for several months but was mistakenly treating it as a low-priority denial-of-service flaw.

    Because anything that allows a malicious user to exploit your system and hijack isn't a flaw... it's a feature!

    --
    GetOuttaMySpace - The Anti-Social Network
    1. Re:And as usual... by zootm · · Score: 5, Funny

      This kind of thinking is extremely $sys$profitable irresponsible.

      My god, Sony have provided a viable Windows alternative to the old ^W^W^W^W *nix joke... it's worse than we thought!

    2. Re:And as usual... by mazarin5 · · Score: 5, Funny
      My god, Sony have provided a viable Windows *nix joke

      Huh?

      --
      Fnord.
  2. Is there a tenor in the house? by MikeMacK · · Score: 5, Funny
    The SANS ISC's Ullrich said IE users should consider switching to Firefox of Opera.

    Ah, the Firefox of Opera - who is that, Pavarotti?

  3. This is why... by MartinG · · Score: 5, Funny

    I use netcat.

    --
    -- MartinG To mail me: echo kewyjlcxyzvjfxbqwh | tr bcefhjklqvwxyz .@adgimnoprstu
  4. Thank you by steveo777 · · Score: 5, Funny

    Now that you've read the comments, your Windows box belongs to OSTG. Please stand by while we load Linux.........

    --
    This sig isn't original enough, it's time to come up with something witty...
  5. This is why... by BushCheney08 · · Score: 5, Funny

    I don't browse the web.

    --
    Be a real patriot: Question authority. Think for yourself. Formulate your own conclusions.
  6. Re:This is why... by msdschris · · Score: 5, Funny

    I use telnet and render the HTML mentally.

  7. lazy story submitters by mapmaker · · Score: 5, Funny
    Aparently all you have to do is browse the page to be affected.

    What, no link?

  8. Re:This is why... by Scoth · · Score: 5, Funny

    You say that in jest, but imagine the possibilities for exploits when/if we get the point of direct neural implants for communications and such. Just imagine, instead of porn popups, lockups, and reboots we'll have people suddenly yelling about viagara at the top of their lungs, freezing up and falling over mid-stride, and suddenly forgetting where they are.

    Maybe anyway :)

  9. Re:This is why... by Anonymous Coward · · Score: 5, Funny

    You've met my grandfather, I take it.

  10. Re:This is why... by andreMA · · Score: 5, Funny

    Two of those three would apply to the current crop of US politicians. All three if you count Bob Dole.

  11. Re:This is why... by lordofthechia · · Score: 5, Funny

    "I use telnet and render the HTML mentally."

    You get used to it. I don't even see the code. All I see is blonde, brunette, redhead.

    --
    Georgia Tech, the leader in Chia(tm) technology.
  12. Hmm.... by Lonath · · Score: 5, Funny

    Isn't Google's master plan to take over the world dependent upon people using AJAX? If IE has a critical flaw using javascript, and everyone has to turn it off, then nobody will be able to use Google's new products and... Hey wait a minute.

  13. Re:This is why... by lordofthechia · · Score: 5, Funny

    I phone the webmaster and ask him to read me the webpage.

    --
    Georgia Tech, the leader in Chia(tm) technology.
  14. Re:Ouch. by TheRealMindChild · · Score: 5, Funny
    --

    "When life gives you lemons, don't make lemonade. Make life take the lemons back!" -- Cave Johnson
  15. Re:...or by not using Internet Explorer by dallask · · Score: 5, Funny

    solution:
    Buy sony cd,
    install rootkit
    rename Explorer to $sys$explorer.exe

    --
    The Code Ninja is swift with his tool, precise in his delivery, and deadly accurate in his execution.
  16. Re:This is why... by OakDragon · · Score: 5, Funny

    There is an exploit that my computer suffers from every day. It's called the 'Slash.ORG' worm, and it doesn't matter what kind of browser you use. Once the browser navigates to a certain website, it tends to stay there, refreshing as needed. It's called a DoPE attack, or 'Denial of Productivity for Employer.'