Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft Patches "Google Hack" Flaw In IE

Posted by timothy on from the you-saw-this-coming dept.

An anonymous reader writes "As expected, Microsoft has issued an out-of-band security patch to address a remote code execution hole in Internet Explorer that was used in the recent Chinese attacks disclosed by Google. Ars Technica has all the download links you need."

17 of 142 comments (clear)

  1. Re:WTF! FORCED SHUTDOWN by mrjohnson · · Score: 5, Insightful

    Rebooting to upgrade a browser is at least five levels of wrong!

  2. Re:Of course... by Pojut · · Score: 3, Insightful

    ...this does not apply to Mac users, because Mac's don't suffer from drive-by downloads and other malware. My PPC G5 running Safari on Snow Leopard is rock-solid and secure.

    I take it you haven't heard the news? Granted, it's much more secure...but not secure.

    People think that Mac's are expensive, but the safety and security alone are reasons to justify the high price. The sleek, advanced looks are just the icing on the cake.

    Uh...OSX is what is safe and secure...not Apple hardware. Install OSX onto a hackintosh and it will be just as secure as your overpriced "icing". Macs ARE expensive, and the low-cost of upgrading to Snow Leopard just proves that you are paying far too much for hardware, not the software that it utilizes.

    Come on. If you are gonna fanboy for a single system, at least get your facts straight.

    --
    Living With a Nerd
  3. Google has BACKED DOWN in China by hackingbear · · Score: 2, Insightful

    This is a bit off-topic but I have nowhere else to post this. I have attempted to post the reports that Google has backed down in China and re-enabled search result filtering in Google.cn despite of the lack of REAL actions from the Chinese government in the last two days, but /. editors keep refusing to put this relevant in the headline. Right, how can we be critical of our new found American hero defending the precious "freedom" and fighting the evil China? How can a hero backing down to the evil China? Hero can't make fundamental principle error, or you are not allowed to know when it does. Can someone find a way to post this news report (which can be verified search "June 4" in google.cn and which I can't find any English language sources)?!

    1. Re:Google has BACKED DOWN in China by Anonymous Coward · · Score: 1, Insightful

      Calling China "evil" is childish, naive, narrow-minded, and stupid.

    2. Re:Google has BACKED DOWN in China by drinkypoo · · Score: 2, Insightful

      Calling China "evil" is childish, naive, narrow-minded, and stupid.

      As long as China is killing people for cheating on their taxes and harvesting their organs, then selling them on the world market, then they are evil. As long as they are imprisoning Christians for their religious beliefs, gang-raping them and sending them to work camps to make plastic gewgaws (like christmas lights) for sale in the US, they are evil. And as long as we buy them, we are also evil.

      Why, oh why, have you not logged in? Could it be because you know your ideas are not worth the attachment of a name?

      --
      "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
    3. Re:Google has BACKED DOWN in China by Anonymous Coward · · Score: 1, Insightful

      AFAIK, Google never announced that they stopped censoring. So claiming that they "backed-down" is disingenuous. They've already made good on their threat by delaying the release of 2 phones pending talks with the government. Feel free to lambast them once they've concluded the talks and yet still censor results.

  4. Re:Quick turnaround! by UnknowingFool · · Score: 4, Insightful

    No it goes to show how fast MS can release a patch (and out of their normal cycle) when face with a large amount of negative PR. Normal vulnerabilities usually have to wait til Patch Tuesday. But when Google announces that IE was to blame in a large number of attacks, both France and Germany advises their citizens not to use IE for a while, MS better patch it sooner than later.

    --
    Well, there's spam egg sausage and spam, that's not got much spam in it.
  5. Re:Quick turnaround! by UnknowingFool · · Score: 4, Insightful

    It only proves my point. MS sat on the bugs for months and only released a patch after public disclosure by Google. How much longer would have they sat on them if it wasn't for the bad PR.

    --
    Well, there's spam egg sausage and spam, that's not got much spam in it.
  6. Re:What if IE could be uninstalled? by BitZtream · · Score: 3, Insightful

    Removing IE is easy, its a wrapper GUI around a browser engine. Delete iexplore.exe, there you deleted IE.

    The rendering engine is in a shared DLL thats used by just about everything now days, even if the app doesn't use the renderer directly, the built in help system is HTML based and uses the shared library for its renderer.

    Its also used by HTML style dialogs, which are basically dialogs that use HTML to define the layout rather than the old style dialog resources.

    This isn't really different from any other modern OS which uses HTML all over the place. I can't think of any modern desktop OS that doesn't have massive dependancies on an HTML renderer.

    --
    Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
  7. Re:Microsot by draconx · · Score: 4, Insightful

    No, what slashdot needs are editors: people who read and correct errors in written works prior to publication.

  8. Re:Quick turnaround! by Dishevel · · Score: 3, Insightful

    How much longer would have they sat on them if it wasn't for the bad PR.

    Stupid question. Answer is of course "Forever!".

    --
    Why is it so hard to only have politicians for a few years, then have them go away?
  9. "out-of-band" by oldhack · · Score: 2, Insightful

    Ooooh, we all talk like com techs. Aren't we all so clever?

    --
    Fuck systemd. Fuck Redhat. Fuck Soylent, too. Wait, scratch the last one.
  10. Re:Quick turnaround! by bstone · · Score: 2, Insightful

    >>Nothing quite like two national governments recommending against using your product to raise the priority of fixing the problem

    Nothing like people actually switching browsers in droves because of the warnings to raise the priority of fixing it. Now that they've switched, what are the chances of those lost users switching back?

  11. Re:Shutdown IS the fix by Anonymous Coward · · Score: 1, Insightful

    Why would you walk away from your pc for more than 5 minutes without saving anyhow. Comments like this just make me wanna scream dumbass.

  12. I call Shenanigans! by Brett+Buck · · Score: 2, Insightful

    Snow Leopard will not run on a PPC. Nice try.

  13. Re:Quick turnaround! by Anonymous Coward · · Score: 1, Insightful

    You've got to be kidding me. I've been further even more decided to use even go need to do look more as anyone can. Can you really be far even as decided half as much to use go wish for that? My guess is that when one really been far even as decided once to use even go want, it is then that he has really been far even as decided to use even go want to do look more like. It's just common sense.

  14. Re:Quick turnaround! by Canazza · · Score: 2, Insightful

    well you can't complain, you're getting IE for free

    --
    It pays to be obvious, especially if you have a reputation for being subtle.