Slashdot Mirror

← Back to Stories (view on slashdot.org)

Zero-Day IE Exploit In the Wild

Posted by ryuzaki0 on from the now-delivering-spyware-to-a-pc-near-you dept.

Eric Sites writes to tell us that a new zero-day IE exploit has been found in the wild. It looks to be a bug in VML in IE. The Sunbelt blog notes, "This exploit can be mitigated by turning off Javascripting."

3 of 239 comments (clear)

  1. russian bastards by darkchubs · · Score: 0, Troll

    russian bastards

  2. Re:easier solution by kestasjk · · Score: 0, Troll

    Using add-ons like NoScript you can stop Firefox from executing JavaScript without your consent, but IE has this functionality built in. Using the Windows Live addon you can have tabs in IE too.

    FF needs add-ons to remove JavaScript, IE needs add-ons for FF's tabs. The reason the IE seems more secure is that fewer people use it, those who do use it tend to be more computer savvy, and IE has bad default security settings (as is the Windows way). You can't really blame the IE team for this.

    --
    // MD_Update(&m,buf,j);
  3. Why disable javascript? Change to firefox ... by weeb0 · · Score: 0, Troll

    "This exploit can be mitigated by turning off Javascripting."
    "This exploit can be mitigated by turning off activeX"
    "This exploit can be mitigated by turning off ie"
    "This exploit can be mitigated by turning off windows"
    "This exploit can be mitigated by turning on Linux"
    "This exploit can be mitigated by turning on Firefox"

    In fact, I really don't understand why on the news they NEVER recommand to use another browser than IE... Sorry, but when there is an exploit, why disable some web functionality like javascript (I don't have any problem to disable ActiveX (very bad and insecure thing)) to continue to use IE ?!

    I don't understand, is that the Microsoft lobby the reason ?

    And then, I think there is some technology website that are very stupid, like the website silicon.fr, they say the red "panda" for the firefox logo ... -DUH-