Windows IE5 vulnerable to BMP image security flaw.

http://www.securitytracker.com/alerts/2004/Feb/1009067.html ^ | Feb 15 2004 | Security Tracker

[Bobalu]

Oh great... now viruses and arbitrary code can be executed from within an image file.

Better get rid of IE5 if you use it.... get mozilla or Opera.

[holymoly]

Mozilla 5 (Netscape 7.01) is my current browser. I only fire up IE4 to check HTML for cross-browser compatibility.

[TomServo]

I guess folks can't upgrade to IE6. (/sarcasm).

FIRE!! FIRE!! RUN FOR THE HILLS!!! THE SKY IS FALLING!!!

[Paleo Conservative]

Better get rid of IE5 if you use it.... get mozilla or Opera.

While I like Opera, Windows Update will only work under IE. It's better to go ahead and install IE6 and not have to worry about security in obsolete versions.

[Cboldt]

Wow. I wish I knew half as much as these programmers do. I did get a bit of a chuckle out of the comment "Gayer than AIDS." Not that AIDS is funny, it's not. Not at all. But for some reason the comment tickled my funny bone.

[Bush Cheney]

I've used IE6 for years.

[MrsEmmaPeel]

The report indicates that IE 5 is affected but that IE 6 is not affected.

5 is pretty old. Been on 6 for years.

[Grut]

While I like Opera, Windows Update will only work under IE.

Good point. So load IE6 for that, but run Mozilla Firebird ('Firefox', in its latest version) the rest of the time.

My difficulty with Opera is that their answer to the problem of features that don't work is to add more features that also don't work.

[hsmomx3]

I have heard that Netscape uses Mozilla. Is that correct?

[Paleo Conservative]

My difficulty with Opera is that their answer to the problem of features that don't work is to add more features that also don't work.

But it's great for cutting down the number of brower sessions on my desktop. I can read muliple threads on Free Republic with only one browser session, and it is easy to shutdown.

[justlurking]

Reposted here by me. I couldn't find this thread again, and thought it had been deleted due to the politically incorrect comments.

One additional observation: I suspect that the versions of Outlook Express and Outlook that "match" IE 5 are also vulnerable, which would mean that an HTML message with an embedded BMP image could exploit this problem.

[Vroomfondel]

It is becoming clear that whatever Exploder is, it is not a web browser. First, we have Microsoft telling us not to click links in the browser; instead, we're expected to type in the URL displayed on the status bar. Now we find that you can't even trust it to display pictures!

If you can't click on links and can't see pretty pictures, it's clearly not a web browser.

[Bush2000]

It is becoming clear that whatever Exploder is, it is not a web browser.

What is it about this statement that you don't understand, Einstein:

"The report indicates that IE 5 is affected but that IE 6 is not affected."

[justlurking]

What is it about this statement that you don't understand, Einstein:

Don't you have anything better to do than harass anyone that happens to post something critical of your benefactor?

[justlurking]

I have heard that Netscape uses Mozilla. Is that correct?

It's probably more accurate to say that Mozilla "uses" Netscape, depending on your definition of "use".

Mozilla is actually a "fork" of Netscape's browswer. Netscape released the source, and the open source community moved forward with it.

Mozilla is the result. There is a complete suite that is similar to the original netscape, and there are also beta versions of a new browser (Firefox) and email client (Thunderbird) available for download/evaluation.

[justlurking]

But it's great for cutting down the number of brower sessions on my desktop. I can read muliple threads on Free Republic with only one browser session, and it is easy to shutdown.

You can do the same thing with Mozilla Firefox (and it may be in the earlier versions of Mozilla, too). I really like the "tabbed" browser, as well.

I still have to use IE for a few things, though. I have to use certain plug-ins approximately weekly for my job. But, for everything else I've been using Firefox (it used to be called Firebird).

[philetus]

Mozilla Firefox is a great browser. Beats IE .


Find out why people everywhere are switching to Firefox. Be sure not to miss the great Introduction to Firefox.


http://www.mozilla.org/products/firefox/why/

[null and void]

Better get rid of IE5 if you use it.... get mozilla or Opera.

I'm on day three of trying mozilla's Camino for MacOS. I really like it!

[Bush2000]

Don't you have anything better to do than harass anyone that happens to post something critical of your benefactor?

Don't you have anything better to do than harass anyone that happens to post something critical of your benefactor?

[null and void]

These days saying something is 'so gay' means it's REALLY lame.

We're taking back the language one word at a time...