IE Vulnerability Exposing Banking Logins, Spreading Rapidly
jfruh writes "A vulnerability in Internet Explorer 9 and 10 that allows attackers to target banking login info, first reported on February 13, is being exploited in the wild, and attacks are spreading rapidly. Sites compromised by the malware run the gamut from U.S. Veterans of Foreign Wars site, to a site frequented by French military contractors, to a Japanese dating site. Microsoft has released a 'fix-it tool' but not a regular patch."
Why is there a banking login on a Japanese dating site? Perhaps we should start by addressing that.
I'm immune!!!!
Is IE really to blame in this case? From what I'm understanding, the web sites/servers themselves are being compromised. Once the web server is compromised, it doesn't matter what browser you're using, as login credentials, or any other information you're sending to or receiving from the site would be easily intercepted.
Anthropic principle: We see the universe the way it is because if it were different we would not be here to see it.
rock on /. http://youtu.be/6SFNW5F8K9Y
I'm not sure what anyone can do for you.
Please do not read this sig. Thank you.
Given the anti-MS slant here, I think it's ironic that Slashdot is sometimes a more timely news source on exploits in MS software than of nearly any of the open source products Slashdot users are so fond of, hmmm....
CEOs have ignored security researchers since the start of the modern internet, because CEOs only want "Results now!"
Still running IE8 so no problems.
Keep pushing the envelope to be cool and edgy and this is what you get.
Same thing with thinking everything needs to be touch screen and/or digital. Witness the fiasco of trying to use touch screens for radio controls. Knobs and buttons for the win!
We will bankrupt ourselves in the vain search for absolute security. -- Dwight D. Eisenhower
It's the one most banking and investment houses use and develop their sites to work with. So there's that.
Prisencolinensinainciusol. Ol Rait!
It's called IE11. People not using it are to blame, or their company is to blame. It's truly that simple.
Who in their right mind uses IE for anything secure would be my question?
I think it's clear after the Apple SSL "goto" security problems that security is not nearly important enough. Not going to defend Microsoft, Google or Apple. All of them have severe lapses in security in at least one of their products at one time or another. I don't think it's ever possible to stop these security problems from happening. But if that is true, then it's even more important to close them up ASAP. Apple probably took so long to fix its SSL issues because its fix required so much work to reverse engineer the OS. I think we forget how complex operating systems are and that fixing a security hole without breaking functions is a big task sometimes. It's just like ActiveX in the old days of Windows. It was great to have a way to help users install what they needed. But then the honeymoon was over when hackers began to take advantage of that. Same goes for today, users like the features and conveniences of what an OS can do. But again we have the negatives of all that with potential weaknesses in security.
herp derp look at me i to dumb to slashdot.
http://yro.slashdot.org/story/...
it even links to your damn site.
People still use IE?
"If any question why we died, Tell them because our fathers lied."
Of course Secunia will count this as "one bug", after Microsoft agrees it is a bug. On the other hand, it will look at bugzilla of Firefox, and every bug report by everyone will be counted towards the total bug count on Firefox. Microsoft will continue to insist its browser has fewer bugs than Firefox. Gartner will issue a TCO report based on these numbers. And everyone will be scratching their head, why IE market share continues to fall when all these numbers say IE is the safest browser in the world.
sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
Keep pushing the envelope to be cool and edgy and this is what you get.
Right. People running Windows are really concerned with being "cool and edgy".
"By default, Internet Explorer on Windows Server 2003, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, and Windows Server 2012 R2 runs in a restricted mode that is known as Enhanced Security Configuration. This mode mitigates this vulnerability. "
Translation: IE is crippled by default on windows server. Any attempt to use our browser means you are screwed.
An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
http://xkcd.com/1200/
In a web-based attack scenario, an attacker could host a website that contains a webpage that is used to exploit this vulnerability. In addition, compromised websites and websites that accept or host user-provided content or advertisements could contain specially crafted content that could exploit this vulnerability. In all cases, however, an attacker would have no way to force users to visit these websites.
Most popular sites directly and indirectly link to at least a dozen different ad networks, stats, "market intelligence", CDNs, social media all interacting with your browser able to inject or command your browser to visit whatever site they please without asking.
So how do you really trust them?
However, Chrome is getting many patches recently between versions due to flaws in blink and flash. So the idea to blame IE as still sucking is disingenuous.
The point is always upgrade your browser and OS in addition to running adblock/flashblock, or if you are a corp banning flash and java altogether. The port of adblock for IE is here.
Many IT professionals who whine about leaving XP and IE 8 behind should be FIRED. IE 11 sandbox is fine for this. If you run Windows 7 or later both IE 9+ and Chrome have lowrights mode which restricts everything including writing to the disk with the narrow exception of %appdata.
These days most of the infections I see come from Firefox and plugins. Firefox has no lowrights mode and if anyone reading this is using XP you neglect sandboxing on all browsers and expose yourself.
http://saveie6.com/
I hated Microsoft pretty hard. Now... McComputer sounds about right. Good Call!
I mostly use Windows at work (because that's what my work uses) and just about entirely Linux at home (that's what I choose). This hasn't changed.
I don't think I have changed. Microsoft has changed and so has the market. I just don't see Windows computers crashing like they used to. Quality has improved. Perhaps this was in part due to the threat of competition from oss? Note that I said threat of, not actual competition. We all know Linux didn't take off on the desktop but there certainly was enough hype about the possibility!
Also, you can actually do something in Windows without having a corporate sized budget. Want to be an amateur programmer? It used to be all Windows had was a BASIC interpreter. To get an actual compiler (any language) was 100s of dollars. Apparently you had to pay for the privilege of creating software for Windows. Even though more software existing for Windows just makes Windows more desirable... explain that one. Now Microsoft releases free versions of their development environments which are cut down enough to give companies a reason to buy the real thing but not so much as to prevent one from compiling a useful application.
Besides what Microsoft offers, now there is all sorts of free oss available for Windows. You can develop for Windows in gcc! Can't afford Photoshop? Gimp runs on Windows now. How about web serving. Microsoft used to charge big bucks for different levels of licensing on their web server. They limited how many people could connect at a time. I thought that was a very asinine money grab. It's not like Microsoft programmers put in more hours every time your server serves 100 copies of your web page vs 5! Do they still do that? I don't know. Who cares?!? I can always run Apache on Windows or any one of a million other free programs.
In the early days Microsoft plus IBM were the PC. The PC was awesome for hackers, makers and all kinds of geeks. Before that everything was pretty much proprietary. Now you could mix and match hardware pieces as you please. Also, I could run the same program on my Tandy as my friend ran on his Dell even though it was written on a computer made by IBM!
Later Microsoft became evil in part because the kind of compatibility the PC gave us was expected. We didn't need Microsoft to help us get that anymore. But.. Microsoft was pushing things the other way, embracing standards just to change them a bit once they had a market share so that people would be locked in to using their product.
Now.. Microsoft is losing that monopoly power. They can't do as much damage as before. But.. mobile devices are the big thing, not Desktops. And with our phones and tablets we are back to the bad old pre-pc days where everything is proprietary. I'm not saying that Microsoft is doing anything to try to change this but at least they aren't the driving force behind it. That title is shared by Apple and the cellphone carriers.
So.. Microsoft is a de-fanged wannabe villain who occasionally does nice things. Apple and the Telecoms, they are where the real evil lives today.
As was said by The Rizz, the MS slant has tapered off. As the saying goes, "Never attribute to malice that which is adequately explained by stupidity." In recent years, I think this applies to MS. Don't get comfortable and underestimate Microsoft.
... we would stop loading up web browsers with "features" that only help content providers shove ever more ads and video down our gullets.
...French military contractors are now dating U.S. Veterans of Foreign Wars in huge numbers.
Mon dieu!
Hosts do more w/ less (1 file) @ a faster level (ring 0) vs redundant browser addons (slowing up slower ring 3 browsers) via filtering 4 the IP stack (coded in C, loads w/ OS, & 1st net resolver queried w\ 45++ yrs.of optimization):
---
APK Hosts File Engine 9.0++ 32/64-bit:
http://start64.com/index.php?option=com_content&view=article&id=5851:apk-hosts-file-engine-64bit-version&catid=26:64bit-security-software&Itemid=74
(Details of hosts' benefits enumerated in link)
Summary:
---
A. ) Hosts do more than AdBlock ("souled-out" 2 Google/Crippled by default) + Ghostery (Advertiser owned) - "Fox guards henhouse", or Request Policy -> http://yro.slashdot.org/comments.pl?sid=4127345&cid=44701775
B. ) Hosts add reliability vs. downed or redirected DNS + secure vs. known malicious domains too -> http://tech.slashdot.org/comments.pl?sid=3985079&cid=44310431 w/ less added "moving parts" complexity + room 4 breakdown,
C. ) Hosts files yield more speed (blocks ads & hardcodes fav sites - faster than remote DNS), security (vs. malicious domains serving mal-content + block spam/phish), reliability (vs. downed or Kaminsky redirect vulnerable DNS, 99% = unpatched vs. it & worst @ ISP level + weak vs FastFlux + DynDNS botnets), & anonymity (vs. dns request logs + DNSBL's).
---
* Addons are more complex + slowup browsers in message passing (use a few concurrently & see) - Addons slowdown SLOWER usermode browsers layering on MORE: I work w/ what you have in kernelmode, via hosts (A tightly integrated PART of the IP stack itself)
APK
P.S.=> * "A fool makes things bigger + more complex: It takes a touch of genius & a lot of courage to move in the opposite direction." - Einstein
** "Less is more" = GOOD engineering!
*** "The premise is, quite simple: Take something designed by nature & reprogram it to make it work FOR the body, rather than against it..." - Dr. Alice Krippen "I AM LEGEND"
...apk