Slashdot Mirror

← Back to Stories (view on slashdot.org)

IE Vulnerability Exposing Banking Logins, Spreading Rapidly

Posted by Unknown on from the apt-get-wrong-operating-system dept.

jfruh writes "A vulnerability in Internet Explorer 9 and 10 that allows attackers to target banking login info, first reported on February 13, is being exploited in the wild, and attacks are spreading rapidly. Sites compromised by the malware run the gamut from U.S. Veterans of Foreign Wars site, to a site frequented by French military contractors, to a Japanese dating site. Microsoft has released a 'fix-it tool' but not a regular patch."

4 of 93 comments (clear)

  1. Re:Hmmm... by The+Rizz · · Score: 5, Interesting

    Well, for one thing, the anti-MS slant has been tapering off here for years; they're no longer seen as "Big Evil", but more of a "McComputer" sort of thing.

    For another thing, most /. readers may like the OSS movement, but they primarily work in Windows, have friends who use Windows, have family who use Windows, and are often the ones who provide tech support to those friends/family/co-workers. Knowledge of these vulnerabilities do more good for more people than knowledge of the latest bugs in Epiphany.

  2. Re:Laugh by hcs_$reboot · · Score: 4, Interesting

    People still use IE?

    Yes. Many non-IT companies require their users to use only IE, due to *security concerns* (the security concerns being that everybody should use the default browser provided with the OS, and not a random one of choice). This is usually the case where the CIO/IT management has been holding that same position for a relatively long time, signing that same yearly contract with Microsoft for OS+Office. In short, keeping the same IT environment is the recipe to ensuring there is no change on IT management side either.

    --
    Slashdot, fix the reply notifications... You won't get away with it...
  3. Secunia also says Firefox less secure than IE 6 by Billly+Gates · · Score: 3, Interesting

    So how do you really trust them?

    However, Chrome is getting many patches recently between versions due to flaws in blink and flash. So the idea to blame IE as still sucking is disingenuous.

    The point is always upgrade your browser and OS in addition to running adblock/flashblock, or if you are a corp banning flash and java altogether. The port of adblock for IE is here.

    Many IT professionals who whine about leaving XP and IE 8 behind should be FIRED. IE 11 sandbox is fine for this. If you run WIndows 7 or later both IE 9+ and Chrome have lowrights mode which restrict everything include writting to the disk with the narrow exception of %appdata.

    These days most of the infections I see come from Firefox and plugins. Firefox has no lowrights mode and if anyone reading this is using XP you neglect sandboxing on all browsers and expose yourself.

    --
    http://saveie6.com/
  4. If we were serious about security... by ggraham412 · · Score: 4, Interesting

    ... we would stop loading up web browsers with "features" that only help content providers shove ever more ads and video down our gullets.