Slashdot Mirror

← Back to Stories (view on slashdot.org)

Experts Say To Switch Browsers In Light of IE Vulnerability

Posted by timothy on from the here's-my-number-if-the-place-burns-down dept.

It appears that the exploit in IE briefly mentioned a few days ago is causing a serious reaction: SteveAU writes "Microsoft has begun flooding media outlets with information advising users to switch to an alternate browser while a serious security flaw is being patched. The flaw, which affects all versions of Microsoft Internet Explorer, is manifested via malware and has infected over 6,000 sites thus far. Microsoft states: 'The vulnerability exists as an invalid pointer reference in the data-binding function of Internet Explorer. When data binding is enabled (which is the default state), it is possible under certain conditions for an object to be released without updating the array length, leaving the potential to access the deleted object's memory space. This can cause Internet Explorer to exit unexpectedly, in a state that is exploitable.'" According to the BBC report, though, Microsoft itself is only asking that users be "vigilant while it investigated and prepared an emergency patch"; it's outside experts who say to dump IE (at least for now).

Update: 12/16 21:11 GMT by KD : Microsoft will issue an emergency critical update for IE tomorrow.

3 of 455 comments (clear)

  1. Vista - Stop letting your friends use XP... by TheNetAvenger · · Score: 0, Flamebait

    - Protected Mode in Internet Explorer 7 and Internet Explorer 8 Beta 2 in Windows Vista limits the impact of the vulnerability.

    - By default, Internet Explorer on Windows Server 2003 and Windows Server 2008 runs in a restricted mode that is known as Enhanced Security Configuration. This mode sets the security level for the Internet zone to High. This is a mitigating factor for Web sites that you have not added to the Internet Explorer Trusted sites zone.

    ---

    In other words, if you are running IE7 or IE8 on Vista, about the most that happen is your browser crashes.

    This is another example of where people telling their friends and users to stay with XP screws them over.

    As much as people want to hate Vista, there are some real GOOD freaking reasons average users should be using it.

    If you want a goog RealLife example, find a friend that has both an XP machine and Vista that has the same users on each computer (like your neighor's family) and notice there are tons of spyware crap on the XP computer and 99.9% of the time NONE on the Vista machine.

  2. Re:Is any browser safe? by Raenex · · Score: 0, Flamebait

    Fixed that for you.

    Fuck off.

  3. Re:Is any browser safe? by Raenex · · Score: 0, Flamebait

    Fixed that for you.

    Fuck you too.