Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft Issues Workaround For IE 0-Day

Posted by timothy on from the we-call-these-o'houlihan-patches dept.

Orome1 writes "Microsoft has issued a security advisory with advice on how to patch a Internet Explorer zero-day vulnerability recently spotted being exploited in the wild by attackers that might be the same ones that are behind the Nitro attacks. News that there is a previously unknown Internet Explorer vulnerability that is actively being misused in the wild by attackers that are believed to be the same ones that are behind the Nitro attacks has reverberated all over the Internet yesterday."

7 of 101 comments (clear)

  1. Load Firefox? by jfdavis668 · · Score: 5, Insightful

    The work around is load firefox or chrome.

  2. Re:incoherent summary by vlm · · Score: 4, Insightful

    What does this even mean? Is it the same 0-day? Is it a different 0-day? Can we get some editing up in this bitch or what?

    There's so many it doesn't really matter. They'll be another next month, and the month after that, and the month after that.... You can safely assume that at any given instant there exists at least one active zero-day infecting IE users.

    --
    "Science flies us to the moon. Religion flies us into buildings." - Victor Stenger
  3. Re:Tired of the IE hate... by NatasRevol · · Score: 5, Insightful

    The question is why you need to manage a browser so much.

    --
    There are two types of people in the world: Those who crave closure
  4. Re:Workaround is stupid by Anonymous Coward · · Score: 2, Insightful

    Or install an alternate browser with No-Script.

    FTFY.

  5. Re:incoherent summary by LordLimecat · · Score: 3, Insightful

    Last time I had looked into it, IE9 was more secure in several ways than Firefox. It also had comparable number of security holes.

    Have things changed substantially in the last year?

  6. Re:Load Firefox? Can't replace everywhere. by pointyhat · · Score: 3, Insightful

    You speak with authority but do not understand the principles and abstractions.

    It's called COM. Windows is based on COM. It allows components to be reused, which is good design and good practice.

    This is the same concept as WebKit being a shared library on Linux and gnome help, gnome file manager and Epiphany importing it.

    I they discovered a WebKit hole: waah waah whinge whinge there is a hole in Gnome Help - save us all from the 0-day

    That complaining never happens but if Microsoft fall to the same thing, they get slated. Hardly fair is it?

  7. Re:incoherent summary by smooth+wombat · · Score: 3, Insightful

    IE9 was more secure in several ways than Firefox. It also had comparable number of security holes.

    Oh really? You might want to check what Secunia has to say on the matter.

    For IE 9

    For Firefox 15

    The two aren't even close in terms of vulnerabilities. Too soon for Fx 15? Let's go with the 14 version:

    Less than half the problems.

    And one more for good measure; Firefox 13. Again, less than half the vulnerabilities of IE 9. Even the unpatched vulnerabilities for Firefox are less critical than the ones for IE 9.

    So yes, things have changed substantially in one year. Either IE 9 has gotten worse or Firefox has gotten better. Take your pick.

    --
    We will bankrupt ourselves in the vain search for absolute security. -- Dwight D. Eisenhower