Slashdot Mirror

← Back to Stories (view on slashdot.org)

Unpatched IE Flaw Extremely Critical

Posted by Zonk on from the get-the-lead-out dept.

Durinthal writes "The biggest blip on the security radar over the Thanksgiving holiday was the realization by the security community that an Internet Explorer problem first identified six months ago was a lot worse than it appeared, as what appeared to be only a DoS vulnerability also allows for execution of arbitrary code. The realization caused Secunia to issue a rare 'Extremely Critical' advisory."

9 of 277 comments (clear)

  1. Extremely Dupical by A+beautiful+mind · · Score: 5, Funny

    The biggest blip on the slashdot radar over the Thanksgiving holiday was the realization by the editorial community that a slow news problem first identified six months ago was a lot worse than it appeared, as what appeared to be only a short blip of news vulnerability now also allows for execution of arbitrary stories as portraid by Beatles Beatles. The realization caused CmdrTaco to issue a rare 'Extremely Dupical' advisory.

    --
    It takes a man to suffer ignorance and smile
    Be yourself no matter what they say
  2. Scummy eweek popup alert by david.given · · Score: 5, Insightful
    ...pops up a dialogue asking whether you want to be spammed and then spams you anyway when you hit CANCEL.

    Does anyone think that a very handy Firefox add-on would be a button attached to this kind of dialogue that would instantly kill all Javascript scripts stone dead for the page? Once an OK/Cancel dialogue is up, you can't interact with Firefox's UI until you've responded to the dialogue and let the Javascript do something, which I think is poor design.

    1. Re:Scummy eweek popup alert by BattleRat · · Score: 5, Informative

      The extention you are looking for is called NoScript. It works awesome.

  3. is IE the sound that .... by Anonymous Coward · · Score: 5, Funny

    is "IE" the shortented version of the screaming sound that I make when I realize my machine has been compromized?
    "iiiieeeeEEEEEEEEE!"

    1. Re:is IE the sound that .... by Foofoobar · · Score: 5, Funny

      I thought they just threw chairs? No wait... that's management.

      --
      This is my sig. There are many like it but this one is mine.
  4. Firefox v1.5 by Space_Soldier · · Score: 5, Interesting

    This makes Slashdot exactly on the day Firefox v1.5 is supposed to be released. Apparently, Mozilla want to create a huge marketing campaign, better and larger than the one for v1.0. This is a perfect time to capitalize on this horrible security hole to promote Firefox.

  5. Proof of Concept by Motherfucking+Shit · · Score: 5, Informative

    Here is a link to the Proof of Concept page, which will launch an instance of calc.exe if you're vulnerable. AVG Free caught the exploit in the cached page, but calc.exe ran anyway, even after I deleted the file.

    --
    "BSD: Free as in speech. Linux: Free as in beer. Windows 10: Free as in herpes." --Man On Pink Corner in #52607549.
  6. It affects Firefox, too. by Mitchell+Mebane · · Score: 5, Informative

    Although it's not as severe.

    https://bugzilla.mozilla.org/show_bug.cgi?id=31733 4

    --

    The roots of education are bitter, but the fruit is sweet.
    --Aristotle
  7. McAfee Fails It by Orrin+Bloquy · · Score: 5, Informative

    On my W2K box, McAfee warns me of a threat, then as soon as I close the window, the code executes anyway.

    --
    "Made up/misattributed quote that makes me look smart. I am on /. and I must look smart."