Slashdot Mirror

← Back to Stories (view on slashdot.org)

Experts Say To Switch Browsers In Light of IE Vulnerability

Posted by timothy on from the here's-my-number-if-the-place-burns-down dept.

It appears that the exploit in IE briefly mentioned a few days ago is causing a serious reaction: SteveAU writes "Microsoft has begun flooding media outlets with information advising users to switch to an alternate browser while a serious security flaw is being patched. The flaw, which affects all versions of Microsoft Internet Explorer, is manifested via malware and has infected over 6,000 sites thus far. Microsoft states: 'The vulnerability exists as an invalid pointer reference in the data-binding function of Internet Explorer. When data binding is enabled (which is the default state), it is possible under certain conditions for an object to be released without updating the array length, leaving the potential to access the deleted object's memory space. This can cause Internet Explorer to exit unexpectedly, in a state that is exploitable.'" According to the BBC report, though, Microsoft itself is only asking that users be "vigilant while it investigated and prepared an emergency patch"; it's outside experts who say to dump IE (at least for now).

Update: 12/16 21:11 GMT by KD : Microsoft will issue an emergency critical update for IE tomorrow.

4 of 455 comments (clear)

  1. Re:Microsoft should just scrap IE by LingNoi · · Score: 0, Troll

    If it wasn't invented by Microsoft they're not going to use it.

    You can forget about them using anything standards base. If they did replace the rendering engine they would build a new one which would introduce even more non-compliant rendering.

  2. Re:Is any browser safe? by El+Lobo · · Score: 0, Troll

    Still living in 1997? Reality check...

    --
    It's time to realise that Abble's products are the biggest abomination these days. Just say NO to the dumb iAbble way!!
  3. Re:Is any browser safe? by stewbacca · · Score: 0, Troll

    If it has always been possible, then why couldn't a team of Microsoft engineers do it the anti-trust case?

  4. Re:I'm no fan of MS... by the_B0fh · · Score: 0, Troll

    Dude - you are using ActiveX in IE *TODAY* It's a fucking design flaw. Does it matter if the article is 10 years or 20 years old?

    Which part of "IT'S A FUCKING DESIGN FLAW" do you not understand?

    Mark Minasi wrote a book on this: http://www.softwareconspiracy.com/ In the book, he gets on the record quotes from Microsoft/Sun/Oracle development VPs on why they put out shitty/insecure software. The answer - because the customers buy it anyway. It's people like you who hand wave shitty stuff away that's stopping the software industry from improving.