Zero-Day IE Exploit In the Wild
Eric Sites writes to tell us that a new zero-day IE exploit has been found in the wild. It looks to be a bug in VML in IE. The Sunbelt blog notes, "This exploit can be mitigated by turning off Javascripting."
← Back to Stories (view on slashdot.org)
Dupe!!!
Screw that! I'm going back to "telnet www.google.com 80"
And I'll do that within a VMware image running from a Live CD.
"It doesn't cost enough, and it makes too much sense."
Lynx? The absolutely safest method is this:
$ telnet slashdot.org 80
Trying 66.35.250.150...
Connected to slashdot.org.
Escape character is '^]'.
GET / HTTP/1.1
Host: slashdot.org
User-agent: none
It even makes it easier to read the Futurama quotes in the headers!
Zero-Day Slashdot
Posted by Chacham on 10:45 PM -- Monday September 18 2006
from the zero-day-is-overused dept.
[ Slashdot ] [ Teenagers ] [ Slow News Day ]
Chacham writes to tell us that an old zero-day Slashdot exploit has been found again and again and again. It looks to be a bug in all browsers. This comment notes, "The bug is in the Submit Story link, which is apparently easy available in the side bar."
No patch has been released. Story posters are standing by.
Have you read my journal today?
Of course not! Exploits don't exist until somebody announces them publicly!
http://outcampaign.org/
Your Windows Genuine Advantage will protect you!
"Thanks to Web2.0 (and various other forms of propganda), Asynchronous JavaScript and XML (AJAX) has all but taken over the Internet. ... Pick your poison - Firefox, Mozilla, Opera, Lynx, wget - they're all superior to IE..."
Dude, you must be one master coder - you've got an AJAX framework that will work with wget?
#DeleteChrome
>The only way to have a 100% secure web browser is to use a text browser with no scripts
http://old.zone-h.org/advisories/read/id=8276
https://rhn.redhat.com/errata/RHSA-2003-029.html
I'd suggest telnet to port 80, typing in GET commands, and reading the HTML. But then someone would embed the nam-shub of Enki and you'd be even worse off.