Slashdot Mirror
IE7 Vulnerability Discovered
slidersv writes "Not 24 hours after the release of IE7, Secunia reports Internet Explorer Arbitrary Content Disclosure Vulnerability. So much for the "you wanted it easier and more secure" slogan found on Microsoft's IE Website."
ha ha
factor 966971: 966971
What was wrong with gopher???
In a very motherly voice:
Oh Microsoft, what are we going to do with you, eh?
Summation 2
Thats the root of the problem. I'd wager 90% of the functioanlity for browsers is only used by 5% of end users. Granted a lot of stuff is demanded by web develoeprs who want fancy this, animated that, and sliding and fading the other, but to be honest, most of us dont need any of that junk.
:D
As end users, how much of browser bloat do we really need?
I think there was a slashdot story asking for feature requests for firefox recently. my main request is this please:
less of everything
Its already at the case where im starting to notice how long it takes firefox to start. Sometimes more features does not mean better. Its like anything, cars, mobile phones, TVs, they all have major feature bloat.
I found it actually impossible to buy a new mobile *without* internet access. Its insane. i remember when you didnt have an animated 'startup' screen for your phone, because the damned things just switched on.
Feature bloat -> just say no
DRM-free indie games for the PC and Mac: Positech Games
How many people here are actually surprised by this?
Footix - President, Society For Putting Things On Top Of Other Things
Do Firefox fan boys get a nickel everytime they defend firefox? Honestly, this browser fan boy war needs to end, this isn't digg.com, we are more civilized. Besides, if firefox had as many users as internet explorer, im sure their would be vulnerabilities popping up from left to right for FF.
It's not really news that there are security issues in IE 7. Problem is there are security issues in so much these days that it's really just about what has been found so far.
;-)
Back to the old text based lynx browser for me. Now, Anyone know where I can get a flash plugin for Lynx?
- F1 NEWS
eh? why?
This exploit exists in IE6. It just means MS didn't fix it in IE7. It's not like it's a new exploit that was quickly discovered within the few hours after IE7 was released.
Maybe the line should read "You wanted it easier AND more secure?".
Look at the bright side, at least it didn't take them three months to patch the bug, unlike certain Firefox bugs..
It's already been done and found to be a hoax.
Anything else you want to complain about?
We will bankrupt ourselves in the vain search for absolute security. -- Dwight D. Eisenhower
... explaining this in english?
everybody switch to lynx.
The only safety is vigilence
KFG
A security vulnerability in a Microsoft Browser? Now way! I don't see why anyone would expect Microsoft to turn into a security powerhouse all of the sudden, considering their long track record of flaws, especially in Internet Explorer.
In a world of acronyms, the words are the real victims.
The same problem is known on IE 6 since April 2006
Lars T.
To the guy who modded me down from perfect to terrible Karma - Apple haters still suck
This shouldn't be too much of a suprise ... how many software products are 100% bug free when released, particularly Microsoft's? Anyone who downloads or buys any software within the first few weeks is just asking for it ... and anyone who buys a Microsoft product within the first year is bound to have issues, whether security breaches or just annoying bugs.
Crack - Free with every butt and set of boobs
Huh? I thought the slogan was fitting. IE7 IS (a lot) more secure than IE6.
"You wanted it easier and more secure."
Yup, we did and that we got.
Doesn't everyone use firefox anyway?
Ha ha!
Chums up, let's do this!
I just ran the exploit test using IE7 under Vista RC2, and it came back and said that my browser "does not appear to be vulnerable to this particular exploit", so is this just a IE7 under XP issue?
By easier.. they meant for the hackers.. easier for the hackers..
by more secure.. ANYTHING is more secure than IE6, but now the hackers have secure communications for their exploits..
This has been a problem in Internet Explorer for a while (IE 6 and prior versions). Most people turn off Active Scripting because of the vulnerabilities. You can disable it and have "trusted" sites for those sites which you want to enable active scripting like http://windowsupdate.microsoft.com./
We get a quarter, actually. Obviously people are going to defend what they like. I like Firefox, although I never used to. I used to hate Mozilla, Netscape and family. I used Opera for a while, but I just don't like IE. I'm sure the day is soon coming when FireFox will have exploit after exploit.
x86, oh yes, I'm pro.
It's a "Less critical" vulnerability - not really dangerous at all. Firefox still has equally important unpatched "vulnerabilities" - some of which date back to 2004. Retards.
Karma: Could be worse (could be raining)
the problem isn't so much as not having bugs in FF but the fact that MS is trying to make it look like the new IE is revolutionary and secure than FF.
That makes me feel better! :)
All your vulnerabilities will be assimilated into our own.
On second thought, why not just use telnet? Surely that'll be safe from everything...right?
x86, oh yes, I'm pro.
Stretch. Scratch.
Oh, an IE vulnerability? That's cool man.
Hey, anyone want to get some lunch?
Actually Firefox has a similar vulnerability, which has been unpatched for months (as a design decision - there is no way to patch it without breaking useful stuff).
This is a new report of a old vulnerability which isn't serious. The fact that it's been released "not 24 hours" after IE 7 was released is, I would think, because someone decided to release it to coincide with the launch.
This problem was probably discovered back in beta 1, and was not mentioned until the official release. Nice! Way to play ball.
But every sane person in the world already has Internet zone security level set to High so who is gonna be affected by this?
IE7, freshly installed this morning, on XP SP2 reports not vulnerable. Perhaps it was already patched, or the exposure is more limited than the post implies...
Not an MS fan, but truth and accuracy are always good.
But aren't these vulnerabilities already popping up? They're fixed much faster though...
-- Cheers!
"Fool me once, shame on you. Fool me twice, shame on me." -- Scotty.
"Insanity is defined as repeating the same behavior and expecting a different result."
Micorosoft have been patching security for years. They now claim, "Security is job one." Do you believe it? Why would you? I would not trust IE unless it is rewritten from scratch. There is only so many patches you can do.
I worked on CALANdar back in the 90s. The program started its life as a quick and dirty in/out notifier. Over the years, it turned into a groupware scheduling package. Ignoring my protestations regarding security risks, I was required to add OLE to the Windows version. There was comments from the original author that said "I know this case is F**Ked, but Dick wanted it done now, I will fix it later." That code was there 4 years after the original author left. When you add onto an unstable base, you do not make code more stable.
Fight Spammers!
lynx sucks. I use links.
*sigh* And I sincerely wanted to move to IE7 from Firefox just to be contrarian.
Help poke pirates in the eyepatch, arr.
and your reference is? (link to the bug report)
But, don't forget that if you strip away too much, you'll end up with Lynx. Some people like at least images and css, you know?
Obligatory Soundbite Catchphrase
Meta will eat itself
" would not trust IE unless it is rewritten from scratch."
Even then I wouldn't trust it. MS's record at new code isn't any better.
Besides which, the Mozilla tree was originally a complete rewrite of
Netscape and that hasn't been exactly bug free. I think the real issue
is simply browsers having everything including the kitchen sink thrown
into them. They need to be streamlined , take out some of the eye candy
and functionality hardly anyone uses and you're off to a better start.
This vulnerability is not very significant. What I found more amusing was that on the same secunia page there's a list of the most popular advisories and Opera appears just under IE. The Opera vulnerability involves a mistake that any student learns to avoid in his or her first programming class. Furthermore, the Opera buffer overflow is rated as "highly critical" and affects both Windows and Linux versions, whereas MSIE 7's is only "less critical." The Opera bug is truly an amateur's mistake.
There are no uninteresting things. There are only uninterested people.
And if you were honest you wouldn't be hiding behind the AC label.
I agree completely. Heaven knows there weren't any fanboys on Slashdot before Firefox.
Ah, those were the days... rational discourse, on topic discussions, no spelling errors...Why, I remember one time, I said that I thought that Gentoo could be a little easier to install, and nobody modded me down. Dammit, I promised myself I wasn't going to cry!
"You will soon be more aware of your growing awareness." - My first recursive fortune cookie!
This bug is exposed through using AJAX. They are making an HTTPRequest to a page to pull off its contents, isn't this fundamental to web 2.0 and AJAX? To disallow HTTPRequests to webservers other your own makes seems to make developing mashups a little more difficult. For instance what about using javascript to read an RSS feed on your page? You could accomplish this in PHP but maybe you want your page to automatically update the RSS feed on your page without actually refreshing your page. Just throwing that out there for thought. I am aware there are plenty of "secure" workarounds if this support was turned off in IE. Too bad we have people who ruin things for everyone.
kind of a double edged sword. Its just so intellectually dishonest. Obviously they had found the hole before the release and were just waiting to try to embarrass MS.
They claim they want to see secure MS software, but work against the industry practice of making software more secure and bug proof by withholding flaws they find.
What was wrong with printed media?
I don't see what this "web technology" can do that a newspaper can't.
Badass Resumes
"Actually Firefox has a similar vulnerability, which has been unpatched for months (as a design decision - there is no way to patch it without breaking useful stuff)"
Could you give us a pointer to the Firefox bug and what stuff does it break.
"This is a new report of a old vulnerability which isn't serious"
Could you give us a pointer to the original report.
Score: 5, Damage control
davecb5620@gmail.com
switch?
'course, Slashdot is awful in Lynx. All the stuff in the sidebars goes to the top of the page.
And the comment entry is sucky too...
I use lynx to surf pr0n!
You're using her as bait, Master!
Let the CLI-browser flame-wars begin!
I have used ff for a few years now, and have been a fan. I presently run ff 2 RC3. I overall like ff, but I find besides the memory feature, that it is just slow and balky compared to IE (and I have tweaked the ff settings for speed). I really want to like ff more, but until it becomes a smoother experience, I will likely do most of my browing with IE7. As for being more secure, I just assume no matter what that any machine connected to the net is not secure and act accordingly.
That must not be your first UID. I don't ever remember a ton of rational discourse, on-topic discussions or error-free spelling.
It's like sex, except I'm having it!
Any publicity is good...good publicity is even better.
:)
Keep chatting it up, people. This is exactly what red-o-mundo' wants - how's it feel to be sooooo used, eh?
As long as hackers exists, we will continue to see articles like this. Mozilla and Microsoft are not alone (http://www.oreillynet.com/windows/blog/2005/02/ba d_news_about_firefox_securit.html). I am neither pro IE nor pro FireFox. I like both products. Go to the site reporting this issue, secunia.com. You will see several non-browser software as well with security problems. This is an industy problem. Just happens to be Microsofts turn this time. Sorry Bill...
If they knew about it before the release of IE 7 then they're low-lifes.
Maybe IE is bloated - but this is often the fate of a successful application.
Surely it must be possible to structure the system so that the threat caused by any application going crazy/malicious, can be contained?
This is the system architecture issue that is wider than just a browser.
Excuse, but where did you read that FF has that exact same vulnerability?
Also, even though FF does have issues, I believe you'll be hard pressed to find a vulnerability in FF that has been known for years and still gone unfixed. (According to heise on http://www.heise-security.co.uk/news/79745 this is actually an old bug that also affects IE 6)
If it's so secret, then how come I've never heard of it?
People will always find something. When you got hundreds of thousands of people checking your software for whatever issue they can find, odds are that they WILL find something. Just because its fun to bash MS doesnt mean its feasible to create a software with zero vulnerabilitise, that's impossible, new vulnerabilites are created each weeks.
:-)
I mind much less IE's security than IE's compliance to w3 standards. now THAT is annoying. having constantly to create two versions of your code. one for the compliant browsers and then one for IE.
For some reason, the suits at MS thinks that because lots of people use their software they have a moral obligation to tell people what the standards should be. Ok...I know IE7 is not as bad... but its still bad
If you look like your passport photo, you're too ill to travel. - Will Kommen
Who modded this troll? It's a perfectly legitimate point. He's not insulting the OP, it's a viable suggestion. While you could argue over whether its insightful, informative, or funny (given the comment on Lynx), this is by far not a troll comment.
Thunderclone: ONE MAN ENTERS! TWO MEN LEAVE! ONE MAN ENTERS! TWO MEN LEAVE!
This is news?
BTW: I tested the test script on secunia.com with IE7 Beta 2 and it said my browser is not affected by this vulnerability. Yet, JavaScript is enabled.
It would be great if cross-site XML HTTP requests would be forbidden completely in JavaScript. It wouldn't solve XSS completely, but at least some advanced versions of XSRF (POST requests via JavaScript, GET request and reroute reply to other server,
The security folks on firefox have a late breaking press release about IE5.x. As per the Firefox devolpment cycle, it only took 6mo for them to do anything about it. They claim that this has nothing to do with the release date of IE7 and swear that they do not FOD........
I like how Firefox originally started as the slimmer, less resource-intensive version of Mozilla. And look where it is now.
It's like sex, except I'm having it!
It's a little harsh to call that a troll.
It's a serious point. You could make a lite version. Lots of people would give it a try, me included. And there have already been forks of Firefox, like IceWeasel and Tor Park.
If it were talking about forking IE, it should be labeled "joke". As it's talking about Open Source stuff, it should be "insigtful".
"Do Firefox fan boys get a nickel everytime they defend firefox?"
What's sad is you'd think by now, after several exploits in FF have been uncovered, even FireFox fan boys would realize "oh, yeah, writing a browser's reallying f'n hard".
"I like to lick butts!" by MobileTatsu-NJG (#32700246) (Score:5, Informative)
Do Slashdot fan boys get a nickel everytime they defend slashdot? Honestly, this website fan boy war needs to end, we are more civilized. Besides, if slashdot had as many users as digg.com, im sure their would be stupid fan boy comments popping up from left to right on slashdot.
These days it seems as though many programmers don't know assember. They don't know what it is program with limited amounts of memory and how to write tight and fast code. Part of it may be marketing checklists, but some of it is ignorance and lazyness.
Fight Spammers!
I may be confused, but doesn't client site http requests done in this fashion only allow content from the domain the page itself is in? If you view the source of that test page the request is being made to "http://secunia.com/ie_redir_test_1", if you paste that url into a browser it looks like that is page is just dynamically pulling the google news.
Me too!
stupid is as stupid does....
Took me all of 3 seconds Googleing for "brillant site:thedailywtf.com".
Paula's Brillant Bean:
http://thedailywtf.com/forums/40043/ShowPost.aspx
Ha ha! im the safest of you all! I use wget to download it to an encrypted file, then view it with a hex editor, decrypting it in my head!
*starts coughing*
CRAP! My brain got a virus!
All misspellings and grammatical errors in the above post are intentional and part of my artistic expression.
I wish Safari of FF were the most widely used browsers. This just means another security update for IE 6 & 7 (seems my copy of 6 is vulerable too). And that means something else I am going to need at IE to do at some point in the future will mysteriously turn up broken with no explination. Something you wouldn't expect either, watch it turn out to be something like setting the innerHTML of a table (grumble)... or that little piece that connects to the flash player (grumble) making certain browser functions impossible to use (grumble) or the XML (piece of never working &@#*$ing &@# *$&@#*$ crap) object will turn up not working right (as though it were possible to tell). Or IE will decide it's doing a public service by warning you every time you load an activeX object in an application that doesn't touch the Internet, loading said warning before you load anything in your 500+ page interface. When these things happen they either don't talk about it at all, or they tout them as "features." Excuse me, I need to go bang my head on my desk now.
telnet allows terminal escape sequences to be send to the terminal:
1 0031920
http://marc.theaimsgroup.com/?l=bugtraq&m=1046127
I'm running some beta of IE7+ on Vista RC1 (I haven't had time to upgrade to RC2 yet). The vulnerability test shows that this browser isn't vulnerable.
http://brandonbloom.name
i couldn't agree more. Nerdom Unite! if you see a story on M$ and you hate them, then try to post something informative to help folks like me understand what the problem is. you don't need to remind me that they are a heartless corporate juggarnaught or that run hoary hedgehog on your whitebox or you have never gotten a virus because you are cool mac user.
and if you are a moderator, please mod these things down, or at least don't mod up. i know humor is relative, but after a few posts of "that was fast?", or "that's news?" maybe we can stop modding things as funny and go for redundant.
my own opinion is that that some things work better on ie. its just a fact. my default browser has been FF since tabbed browsing, and also to support their work, but now that ie has some of that same functionality, i am using it even more because i tend to go to it for a few sites that i use for work that demand it. security hasn't been an issue with either browser (nor was it when i used Maxthon, or Opera).
I guess it's a canadian mother.
Micorosoft have been patching security for years. They now claim, "Security is job one."
No, at Microsoft, security is job 1.1B7-SP3 (plus a hotfix).
Video pr0n.
My blog
lynx + aalib patch == old school nerdvana
As seen with Webkit.
Server: Apache
Location: mhtml:http://secunia.com/ie_redir_test_2
Keep-Alive: timeout=5
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
Webkit cannot open this address, and the script breaks. Nothing appears in the results field.
Right click.... Oops, that was Macs...
My 0.02 cents
Actually if you check better what is going on at the HTTP level you find the bug. Just look at it using wget
Request: http://secunia.com/ie_redir_test_1
Answer: 302 with Location: mhtml:http://secunia.com/ie_redir_test_2
where MHTML is a special mime for storing a full web page in a HTML file. Then
the browser peforms the redirection
Request: http://secunia.com/ie_redir_test_2
Answer: 302 with Location: http://news.google.com/
finally a good browser should stop the forwarding because of the different domain, but
instead IE gets confused and grabs the external resource.
Okay, so it hangs if I just launch it and press CTRL+W. Anyone else experience this?
The Secunia test says I am not vulnerable with Vista RC1
Vista RC1 was released almost a month ago.
So I am surprised this new XP IE7 build still exibits this issue.
Looking at the source, I suspect this is not a IE issue at all, instead this is a MSXML issue.
Vista has anewer version of MSXML.
XP IE7 seems to be using the older version.
...so we made it more complicated and more insecure instead. MUAHAHAHA. They don't call us the evil empire for nothing, b*tch!!!
Parent is SOOOO not a troll.
Obligatory Soundbite Catchphrase
I agree. Forget about all the the security flaws in IE and focus on all the spying conducted by MS personnel. Between pulling financial records of problem customer employees (those championing competitor products) to placing audio surveillance all over large corporations, to attaching GPS trackers to purchasing agents and decision makers at large corporations, MS is far more active in security breaches of corporate America than these serious browser bugs.
HP pales in comparison to MS - when it comes to unethical and/or illegal spying.
He has made 291 comments in the past. He has a number of fans and a number of freaks. He has made comments that some people like and some people don't like, and no matter what he stands for it, by using his account. You're a coward because you make trollish comments and don't have the balls to stand for what you say. You're worried that some people might use your comments against you in a future discussion, or you're worried that this might harm your karma.
The difference? He's a man that's not afraid to stand by what he said, you're a small boy that runs around a creates a mess and then blames some one else. If you have any sort of backbone and not a spine made of jello, you should reveal your username. No? I figured you wouldn't.
Yeah, I know very little about this stuff so I just spent some time trying to figure out whats going on. http://secunia.com/ie_redir_test_1 does a 302 redirect to mhtml:http://secunia.com/ie_redir_test_2. http://secunia.com/ie_redir_test_2 does a 302 redirect to http://news.google.com/. I guess the point is to get the content of news.google.com in a page with the location still being in secunia.com. That way the script would have access to anything you have a current session to... webmail for example.
If you go to the website and run the vulnerability checker you will find I.E. 6 has the same problem.
So to raise the sky is falling alert is premature in a sense, but any bad news is good news to alert people to the exisiting fact that I.E. is unsafe at any version.
The exploit fails running on IE7 in Vista with protected mode.
didn't see that coming... nope.
the mods may say you posted flamebait, but to me it's a flame that warms my heart. rock on, brother! --chebucto
I went to the site and found out that the bug wasn't working! Then I looked and saw that I opened up Firefox instead of IE7.
I get that slashdot would want to rag on IE7, but let's be fair, it's a new IE vulnerability that exists in previous versions of IE as well. It's not some flaw that magically appeared in IE7.
Sorry for the OT, but I have some work to get going for a change.
Does any of you who have tried IE7.0 use Tortoise SVN extensions?
Does it keep working fine after IE 7 install?
Thanks.
-><- no
You sound like you could use an Apple. Most people I know who have been frustrated with complexity do find that OS X is a nice peaceful place with much less feature overhead. I'm not just talking about artists either, I'm talking about oracle-on-linux admin's, ajax engineers, qa engineers, and my mom. I'm not saying Apple is for everybody, but it does sound like it might be for you. I'm also not saying switch, because there's no sense in giving up a perfectly good Microsoft or Linux OS just because you try out yet another alternative.
You have to love it when researchers find vulnerabilities in Beta/RC softwware and then hold on to them until release hoping they're not fixed so they can sling mud and/or gain additional notority for the discovery.
If you're using bash, try set bell-style visible in your ~/.inputrc. ;-)
What was wrong with gopher???
Ah...the simpler times. I know you were aiming at funny, but you're really insightful. HTTP/HTML is supposed to be **hypertext*** transfer protocol; not image transfer protocal, not mp3 binary transfer protocol, and not the flash rendering protocol. HTTP/HTML has more unnecessary trinkets, bells, whistles, and blinking lights (ouch, blinking tags) hanging off from it than a christmas tree. It has evolved and is used in a haphazard way far beyond its original purpose. Its not the plain text that roots a box, its all the extras.
Gopher was a lightway (although inflexible) text protocol. In a way, we are re-creating the spirit of gopher when we have Firefox extensions such as adblock, flash-block, and no-script in order to get rid of all the annoying blinking lights.
My friend has a pretty good post as MS and he only has a high school diploma. He does seem really preoccupied with electronic surveillance equipment and spreading rumors.
Dude, 24 hours is more secure for Internet Explorer.
you'll be hard pressed to find a vulnerability in FF that has been known for years and still gone unfixed
Stealing from another post, how about this and this?
Sure, no problem. Which on of my seventeen accounts would you like me to log in under? I have logins for all of them in a folder on my bookmark toolbar at home (figuring out that Slash doesn't discriminate between GET and POST requests on the login form was a HUGE timesaver for me), so just pick a number between 1 and 17 and it's only a click away. Or perhaps you'd prefer to choose a political or religious ideology for me to use. I have all the major U.S. political divisions, although I only have an Israeli Jew and a Southern Fundamentalist christian for you to pick from on religion. Also, should I be rich or poor, and would you prefer I live in New York, Oregon, or Tennessee? And should I use the sockpuppets to artificially prove and disprove each others' posts, or would you rather I just let the conversation flow without guiding it along like that? Or maybe you'd prefer I just consider posting AC where I consistently post open and honest opinions based on who I really am since there's absolutely no value in constantly altering my AC opinion since I'd have no way to prove any havoc I wreaked by doing so anyway?
Oh, I'm sorry, you were saying something about how you can use Slashdot accounts to get an accurate and honest accounting of a person's posting history and their opinions. What was that again?
What a fool believes, he sees, no wise man has the power to reason away.
I often see statements like "I'd wager 90% of the functionality for X is only used by 5% of end users.", with the implicit assumption is that you could remove 90% and only upset 5% of the users.
Unfortunately the math is not that simple. Quite often single users do only use 5% of the features, but it not always the same features for all users. So its possible that when you remove the least used features to get almost every user lose at least one feature they must have. What users really mean is: "I only use 5% of the features and I don't want to be affected by the ones I don't use." And "not effected" applies to UI design and security.
A system of minimal core functionality, plus opt-in, add-on plugins is a solution for this. The concept is applies to operating systems (e.g., microkernels like QNX) as well as applications. I'm not familiar with it, but I hope FireFox designed their plugin interface with the right balance of security and flexibility to achieve this.
It's funny to see how snotty the purists get when their tech is hacked and abused to do things it wasn't "intended" to do. Especially when these same folk revel in doing it to other things.
Seriously, get with the fucking program - the people have spoken and this is what they want. No one gives a fuck all about HTTP being for text only. Shut up or get off.
but what if, like me, its not a matter of being a coward, but being really lazy and hating to have to remember passwords to every stupid website I go to... (and yea, I know about password saving programs, but I've had too many of them crap out on me and loose my passwords over the years and I stopped using written down passwords after loosing my third password book... although no one has hacked my yahoo id yet in the 5 or so years I've had it)
sorry for the rant... the ape-ish chest pounding was bothering me...
"Fool me once, shame on you. Fool me twice, shame on me." -- Scotty.
This is all wrong, that is an old Texas saying (I believe they have it in Tennessee as well).
"Fool me once, shame on....shame on you....fool me you can't get fooled again"
Finkployd
I just tested Firefox 1.5.0.7 and it is not vulnerable.
So just what version are you discussing here?
What did you expect people? Of course IE7 vulnerabilities! It is IE after all.
\
Yeah it seems like some MS guys that used to come onsite to our company (a Fortune 500 company) got booted out of here for leaving backpacks in meeting rooms with recording devices inside. Made some of the execs pretty mad and they got the goodbye.
"you wanted it easier and more secure"....sounds like bringing a gun when picking up a hooker.
This vulnerability is NOT IE7-only -- I just tested IE6 and it is also vulnerable.
Yes,
I only have Slashdot open, FF (2.0 RC) has only been open for about 20 minutes, and it is taking up 85 MEGAbytes of RAM, second only to VS and services.exe. I have not even downloaded anywhere near 85 Megabytes of stuff!
You asked...
(btw, I am not the poster you replied to)
Am I the only one that gets tired of this childish anti-MS ranting?
-K
Slashdot is perhaps the only site I keep a constant login to, but I also don't store any personal information on Slashdot either. I do shop on Amazon.com and do a few other things, but always make sure I logout (which is a pain on Amazon.com since you have to go through the site until you find a 'not ? Go here' type of hyperlink).
Stay logged in and let your data be vulnerable...
Or, better yet, login only when you need to and keep your data relatively safe.
Truth is like the sun. You can shut it out for a time, but it ain't goin' away. - Elvis Presley (source: imdb.com)
my own opinion is that that some things work better on ie. its just a fact.
For example: html composed with Frontpage.
OK just installed ie7 click the google add more buttons, button. Cause you can never have to many menu bars and buttons. (I kid) But the google toolbar seems to have an icon for KayzerNet that is exactly the slashdot icon. Well the button is a green /.
http://www.google.com/tools/toolbar/buttons/galler y?sourceid=navclient&hl=en
OMG Ponies!!! with Glitter!!!! I miss Pink
DAMN KIDS! STAY AWAY FROM MY TUUUUUUUUUUUUBES!
(and here is some lowercase text to make the lameness filter ecstatic)
-- http://frobnosticate.com
Mmm, IE was public since Beta2... why secunia take too long to pulish the vulnerability instead of warning MS in beta stages?
All politics to me.
Unlike this exploit for IE that has been around foever. Learn to read.
that, too, can be done in print, thanks to the magic of flipbooks.
Every contemporary Software with a halfway decent GUI has a security flaw. Example: Yes, I'm more than sure that computers who where running Battlefield2142 at some time in the past can be used to start DDOS Attacks against any target, IF properly exploited by skilled haxx0rs/craxx0rs.
I believe he might be referring this one: http://secunia.com/advisories/20442/
Secunia's test says I'm not vulnerable. I'm using XP and IE7... WTF???!!!
Download Size:
IE7: 14.8MB
FF1.5: 4.9MB
FF2RC3: 5.6MB
HD Space Needed:
IE7: 87MB to 218MB*
FF1.5: 52MB
FF2RC3: 52MB**
*These values for IE7 are listed under the "Memory" title. Does it mean computer memory required or hard drive space? If it IS memory required, who has 87MB installed? Is MS just perpetuating the misunderstanding between hard drive space and memory?
**These values for FF2RC3 came from the same specs page as FF1.5, the FF2RC3 download page linked to it though.
A great many people think they are thinking when they are merely rearranging their prejudices. -- William James
How can it read the contents of the news.google.com if i have never been there?? I only use google to search not anything else?? what am i missing here?
Jack of all trades,master of none
Anyone else notice that the registry key that was touted as preventing the IE7 upgrade doesn't do jack?
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Setup\7.0]
"DoNotAllowIE70"=dword:00000001
I had thought it would categorically deny even the downloaded setup file, not just setups that were (eventually) launched from inside WindowsUpdate.
HTTP does not at any point render Flash. At all. Ever. It may be used to send a binary .fla file which is rendered at the far end though.
It transfers all kinds of files, get over it. I'm not going to waste time sending image requests over FTP.
How many people can read hex if only you and dead people can read hex?
Maybe nobody is gloating over it because it was patched in version 9.0.2 which was released almost a month ago.
I'm not not licking toads.
Or hv3. It's got CSS compliance that passes Acid2, 90% frame support, and no Javascript or Flash support. The only negatives are it's a little alpha-y (background tabs block the whole UI, etc.) and there's no HTTPS support. It's rather lightweight, however, and actively developed. I use it on my Thinkpad 233MHz no trouble.
I'll use elinks for GMail and my bank website because it handles HTTPS. Using plain links for regular web browsing pales in comparison. Even w3m or dillo do better than that. And, if I'm not mistaken, Lynx is only used at libraries without funding, at universities with a documentation/knowledge base system build around it, and for users with disabilities. Well, I guess you can script with it...
Here is the line of code they use to get the source of the said 3rd party page: request.open('GET', 'http://secu'+'nia.com/ie_redir_test_1/?' + Math.random(), true); Here is why this 'bug' does not do what they say it does: The browser does not allow AJAX style connetions to any domain outside of the one you are currently on. To 'get around this' Secunia has connected to a page on thier server which then goes and gets the code. Probaly using a readfile command. Here is why this is NOT a browser bug: The page that they are calling is on thier server which means that it does not have your cookies or your session data. The server page that they are opening can only view the page from the stand point of an not-logged-in user. This isn't a new trick that Secunia just invented, it is used quite often to get data from other websites. But the only way to log into another website in this manner is the have the server side page open a socket into that 3rd party page. This cannot be done, again, because their server does not have your cookie data. This is not a browser bug.
So it is quite likely that those not vulnerable on XP SP2 have patched, and those that are vulnerable will very soon not be so.
A complete oxymoron. Just like 'playground safety'. Ask these guys ... http://news.yahoo.com/s/ap/20061018/ap_on_fe_st/pl ayground_tag_ban_4
I call shenanigans on this because of how contrived it is.
If they had somehow actually gotten content from a site I had running in another tab--but no. They didn't.
I pick #14 - Donkey - Jew - poor - Oregon
***Game Over***Insert Coin***
http://www.securityfocus.com/bid/19181 It's not like Mozilla suite is untouchable either.
And for the people that voted my post yesterday as "redundant" without trying the URL, Microsoft has retaliated by releasing a new version of IE7 available at http://www.ie7.com./
http://www.theregister.com/2006/10/19/opera_securi ty_bug/
M&M's + RedBull?
I was thinking and to take in effect that IE7 was released on Vista a long time ago; they have probably had time to work on the bug since beta of IE7 or got it off RC1 on Vista. The headline is just screaming for attention though.
Wow. That is complete embarrassing...
[%] Cingular Ringtones
Everytime I see that quote, I picture Dubya, can of Coors in one hand, heavy metal horns upraised in other, rocking out to The Who...
And then I get the willies...
"But this one goes to 11!"
Everytime I see that quote, I picture Dubya, can of Coors in one hand, heavy metal horns upraised in other, rocking out to The Who...
I would vote for ANY presidental candidate who does this. If only because it really does not matter so much which of the two gets into power anymore, it really ought to be the one who don't NEED no instructions on how to rock.
Finkployd
Heh, I believe the instructions on "how to rock" came with his 8 ball...Or was that instuctions on "how to make rock"??
"But this one goes to 11!"
Yes, anybody gan get to Google News. But not anybody can get to Google News logged in as you (Well obviously now they can, but they shouldn't be able to, anyway). If you login to Google in a different window (either through GMail, Google IG, or some other Google service), and then test this script, you will see that the data it returns to you will show you logged in. It doesn't need to know if you're logged in to anything. It just needs to wait for the average Joe who happens to be logged in and executes the script.
The vulnerability is real and exploitable. I do not understand why they didn't fix it as it was clearly already disclosed in April.
I've tried it on Vista (at work) along with XP with IE7 previously installed via WU and with a version I just installed though the download from microsoft. In all three cases I get the message "Your browser does not appear to be vulnerable to this particular exploit"
Is this website trying to capitalize on increased traffic by announcing a fake IE7 exploit or did MS just fix it incredibly fast? Based on MS' past history, I'm guessing the former.
Education on computer security issues does not follow directly from sanity. There are plenty of perfectly sane people who wouldn't know an "internet zone security level" if you smacked upside the head with it.
The reason that computer security matters is not to safeguard MY pc from attack it's to safeguard the computers of idiots from attack so we don't have multitudes of zombie networks being controlled by organized crime.
-- QED
I was going for an obscure aqua teen hunger force reference, but you took it to a whole new level. Zing! :)
Finkployd
My XP SP2 machine is up to date, and I installed IE 7 today. The test at that link reports that it is vulnerable.
http://lkml.org/lkml/2005/8/20/95
ok, here you go: http://secunia.com/advisories/12580/
I ran the test code on IE on Vista RC2, and it did not succeed. 'your browser does not seem to be vulnerable to this particular exploit' is what I get.
It didn't work on my system...HA HA
The bug is in IE6 too, so it could be blamed as a legacy issue...
ilovegeorgebush
I read TFA and I didn't see anything there explaining how the bloody vulnerability works. I don't speak JavaScript too well, so if someone could explain how the security hole does what it does, it would be appreciated.
Zagreus sits inside your head, Zagreus lives among the dead, Zagreus sees you in your bed and eats you in your sleep.
Did either of you actually read through the bug report on Bugzilla, or did you just link to something old? The first bug is actually a strict following of the RFC for cookies. Since it can be exploited if web sites do not set and check their cookies correctly, people are expecting Mozilla to have the browser fix it for them.
For just an example of how much of a pain this check is, consider the following from the Bugzilla page. This is just for one domain and the same type of rules would need to be white/black listed within the Mozilla source code in order for any fix to work for this "bug".
---John Holmes...
All these posts and I haven't found one yet that even 'realizes' what the problem is, why it doesn't exist in Vista and why it continues to exist in IE7 for XP.
The flaw is in Outlook Express and not IE7. This is why the IE7 update made no difference and why the problem does not exist in Vista even though IE7 is is used.
Also the way they are reporting the bug is a bit off on what is happening and why it is happening.
On the contrary, i would make the additional caveat that i would not trust IE unless it was re-written from scratch *by someone with a good security track record* and peer reviewed. Simply being a re-write won't necessarily make it any better.
There's no limit to what patches can do, you just have to be aggressive with your modifications.
Posted from IE7 on XP SP2, checked as vulnerable (I am at work and using this as a guinea pig machine) :D
I run: Windows, OS X, Linux, FreeBSD. Just because you have a hammer, doesn't mean everything is a nail.
... "you wanted it easier and more secure" to "you wanted it, good and hard."
It's Linux, damnit! Pay no attention to renaming attempts by self-aggrandizing blowhards.
It was known in IE6. It's hardly accurate to say it was "discovered" in IE7.
Slashdot quality declines as the number of hot grits posts decreases. - Provolt's Law, Apr-09-2005
Gopher could present images, sound, etc., as well as those gopher menus and text pages. I used it on a NeXT!
Actually, it's one that MS has known about for a long time and didn't fix in IE 7. It also exists in IE 6.
I hate to break this to you, but there are LOTS of known, unpatched vulnerabilities and Microsoft is doing a poor job of keeping up with them.
See BetaNews for details: http://www.betanews.com/article/MS_IE7_Flaw_Really _in_Outlook_Express/1161290765
MS: IE7 Flaw Really in Outlook Express
By Nate Mook, BetaNews
October 19, 2006, 4:46 PM
Microsoft responded Thursday to reports of the first exploit affecting Internet Explorer 7, which cropped up less than 24 hours after the browser's official launch. Christopher Budd from Microsoft's Security Response Center says the flaw lies not in IE7, but in an Outlook Express component.
This fact could explain why the problem first surfaced back in November 2003 and was found to affect IE6 last April. "While these reports use Internet Explorer as a vector the vulnerability itself is in Outlook Express," Budd said. Microsoft notes it has received no reports of any attacks against customers, but is investigating the situation and may release a patch if necessary.
You ever try to operate a flip book with one hand?
Did you read the title of http://www.microsoft.com/downloads/details.aspx?Fa milyID=4516A6F7-5D44-482B-9DBD-869B4A90159C&displa ylang=en ? The part about "Toolkit to Disable Automatic Delivery of Internet Explorer 7" . What part of "Automatic Delivery" did you not understand? Just to be sure, I'll reprint the second bullet point: "The Blocker Toolkit will not prevent users from manually installing Internet Explorer 7 as a Recommended update from the Windows Update or Microsoft Update sites, from the Microsoft Download Center, or from external media." Although you are right about one thing - the registry key doesn't do jack yet, because automatic downloads won't start for two weeks.
Moron.
I'm aware of the article.. :-) IMO they should spend more time fixing the problem than writing about it.. ;-)
Remember, there are no stupid questions. But there are a lot of inquisitive idiots.
What bugs me is that this vulnerability wasn't "discovered" once IE7 was released; more than likely, these people knew the bug existed in IE6, and in the IE7 betas, they waited until IE7 was declared Gold, then went to press! If they acted correctly instead of trying to grab headlines, they would have notified MS in advance, to allow an opportunity to correct it. Not absolving MS by any means, but this seems awfully self-serving be the "security researchers"...
-- You can't drink all day. (Unless you start in the morning...)
The difference is that you're a troll. He isn't. Sure, the system can be abused, but that vast majority of people don't abuse it. You do, and therefore you are an asshole. You are just proving the posters thesis: you can't be trusted with any of your comments. He was right. You just proved him right.