Slashdot Mirror

← Back to Stories (view on slashdot.org)

Zero-Day IE Exploit Takes Control of PCs

Posted by CmdrTaco on from the here-we-go-again dept.

anethema writes "A remote IE exploit with implementations is currently in the wild. From the article: 'Exploit code for a critical flaw in fully patched versions of Microsoft Corp.'s Internet Explorer browser has been released on the Internet, putting millions of Web surfers at risk of computer hijack attacks.' Aparently all you have to do is browse the page to be affected. There is no patch, but since it is a JavaScript exploit, you can work around it by disabling JavaScript."

12 of 567 comments (clear)

  1. This is why... by wpiman · · Score: 5, Insightful

    I use Firefox.

    1. Re:This is why... by HairyCanary · · Score: 4, Insightful

      Yes, the FF r0x0rs comments are redundant. Even more so are the responses to those comments that suggest that FF crashing has anywhere even approaching the same level of impact as an IE exploit that allows remote control to be taken of the affected computer.

  2. Ouch. by Pxtl · · Score: 4, Insightful

    Remember when web browsers were just for viewing HTML pages, and not as a platform agnostic instant-rollout applications platform?

    Yeah, me neither.

  3. I hope this gets into a doubleclick ad by WhiteWolf666 · · Score: 4, Insightful

    /evil on

    That'd be SO funny

    Someday, an IE exploit is going to come along that wipes your HD. Then we'll see sparks fly. /evil off

    --
    WhiteWolf666 an exBush supporter. All you new-school,compassionate,save the children Republicans can rot in hell
  4. Re:...or by not using Internet Explorer by dwandy · · Score: 4, Insightful
    IE's market share is still huge, but for the life of me I can't understand why.

    Take Preinstalled Browser,
    Add to Lazy User,
    and mix in a healthy dose of Ignorance.

    Alternate Receipe:
    Take Preinstalled Browser,
    Add Fear Of Change.

    Despite having Firefox installed at home, my wife insists on MSExploder .... I think the linux migration time-table is getting shortened.

    --
    If you think imaginary property and real property are the same, when does your house become public domain?
  5. Re:The facts please by Prospero's+Grue · · Score: 4, Insightful
    On story like this, we need the facts, period. No hype, rhetoric or personal opinions. Only the facts please, because I know members are going to tout the "other browser" as the safer one.

    Now, mod me whatever you want, but the info you provide should be FACTS.

    Fact: A critical security flaw has been found in IE, and the SANS ISC is recommending that people use one of the "other browsers".

    Howzat?

    --
    The opinion above is fiction. Any similarity to real opinions, including facts and logic, is purely coincidental.
  6. Re:Link to a copy? by artifex2004 · · Score: 3, Insightful
    I want to use it on school computers - they wwould just be getting what they deserve for flat-out refusing requests to get Firefox installed.

    So you'd deliberately and maliciously cause problems, just to prove you were on some imaginary moral high ground?

  7. Gah! by Anonymous Coward · · Score: 5, Insightful

    users do, but they're much further down the food chain

    Except that regular users comprimise a greater number of Internet users. So if Joe Average uses IE, more people are going to be affected by this flaw.

    we'll get the usual set of arguments about browser and OS supremacy.

    If something has fewer security problems, isn't it "superior" in that respect?

    If you can't trust Lynx to be secure, then really nothing is secure.

    Right. Because if something has one flaw, then you might as well not even bother trying, because everything has flaws. I mean, just because IE has had double-or-triple-digit flaws, clearly this one flaw in lynx makes all arguments against IE moot.

    What an inane comment.

  8. Re:...or by not using Internet Explorer by Darth+Maul · · Score: 4, Insightful

    but for the life of me I can't understand why.

    It's very, very simple. People are stupid and lazy.

    --
    --- witty signature
  9. Re:Say goodnight, AJAX by ptomblin · · Score: 4, Insightful

    So? When 90% of your "customers" are being told that they either turn off Javascript or get a virus, it doesn't matter whether the problem is with Javascript or IE - either way, there is no return for adding AJAX features to a web site. I'd rather spend my precious development resources on non-AJAX features that benefit everybody.

    --
    The next Cmdr Taco duplicate will be ready soon, but subscribers can beat the rush and see it early!
  10. Re:...or by not using Internet Explorer by GweeDo · · Score: 4, Insightful

    Despite having Firefox installed at home, my wife insists on MSExploder

    I don't understand this. You aren't the first person to tell me their Wife doesn't wanna run Firefox. You know what I did. I said to my wife "Wife. IE will break the computer and then I will have to spend all night fixing it rather than doing whatever else it is you wanted me to do.". My wife actually respects that I know what the crap I am talking about (just as I respect what the crap she is talking about in her area of expertice...which isn't IT) and goes with what I say.

    Why don't you people just try explaining the problems to your wife and get over it?

    --
    Unstable Apps: Our Android Apps Don't Suck
  11. Re:The facts please by hotdiggitydawg · · Score: 3, Insightful

    Fact: this bug was reported six months ago, but it is only now that someone has publicly shown how to use it to run arbitrary code.

    Who knows how long other people have been exploiting this bug - potentially in ways not involving Javascript as well?