Free Republic
Browse · Search
News/Activism
Topics · Post Article

Skip to comments.

Another Day Another IE (Microsoft) Bug
Comuter World ^ | 2004-06-09 | Kieren McCarthy

Posted on 06/09/2004 9:58:24 AM PDT by N3WBI3

Two new vulnerabilities have been discovered in Internet Explorer which allow a complete bypass of security and provide system access to a computer, including the installation of files on someone's hard disk without their knowledge, through a single click.

Worse, the holes have been discovered from analysis of an existing link on the Internet and a fully functional demonstration of the exploit have been produced and been shown to affect even fully patched versions of Explorer.

It has been rated "extremely critical" by security company Secunia, and the only advice is to disable Active Scripting support for all but trusted websites.

(Excerpt) Read more at computerworld.com.au ...


TOPICS: Miscellaneous; Technical
KEYWORDS: bug; ie; microsoft
Navigation: use the links below to view more comments.
first 1-2021-35 next last

1 posted on 06/09/2004 9:58:25 AM PDT by N3WBI3
[ Post Reply | Private Reply | View Replies]

To: N3WBI3; Admin Moderator

The original title was:

"Internet Explorer carved up by zero-day hole"

It is common courtesy to use the original with your comments at the end. This prevents double posts.

Nice find and glad you posted it - guess I'll need to tripple check the workstations (again!!)


2 posted on 06/09/2004 10:06:39 AM PDT by An.American.Expatriate (A vote for JF'nK is a vote for Peace in our Time!)
[ Post Reply | Private Reply | To 1 | View Replies]

To: N3WBI3

Actually the best piece of advice is to run Firefox , which can be downloaded from mozilla.org .


3 posted on 06/09/2004 10:06:41 AM PDT by ikka
[ Post Reply | Private Reply | To 1 | View Replies]

To: An.American.Expatriate

Sorry and thanks for the correction..


4 posted on 06/09/2004 10:09:34 AM PDT by N3WBI3
[ Post Reply | Private Reply | To 2 | View Replies]

To: N3WBI3
heh--oops.


5 posted on 06/09/2004 10:09:40 AM PDT by ShadowAce (Linux -- The Ultimate Windows Service Pack)
[ Post Reply | Private Reply | To 1 | View Replies]

To: ShadowAce

Put that on a few days ago, what an improvement over mozilla..


6 posted on 06/09/2004 10:10:31 AM PDT by N3WBI3
[ Post Reply | Private Reply | To 5 | View Replies]

To: An.American.Expatriate

Good luck.


7 posted on 06/09/2004 10:13:15 AM PDT by Darksheare (I shall send poultrygeists after you! Beware the possessed chickens!)
[ Post Reply | Private Reply | To 2 | View Replies]

To: N3WBI3

I just saw that the 0.9 RC release is out. I'm trying to determine what the differences are between it and the 0.8 release....


8 posted on 06/09/2004 10:13:26 AM PDT by ShadowAce (Linux -- The Ultimate Windows Service Pack)
[ Post Reply | Private Reply | To 6 | View Replies]

To: N3WBI3
From the article: That exploit -- Adodb.stream -- has not been viewed as particularly dangerous, since it only works when the file containing the code is present on the user's hard disk.

Just curious about something: if I remember my ASP correctly (which I might not be, it's been a while), the Adodb.stream problem they're talking about is server-side...which would mean to me that this stage of the attack only exists if there's a Windows webserver invovled, correct?

Please let me know if I'm wrong, I'm rather curious about that...
9 posted on 06/09/2004 10:14:00 AM PDT by Jinjelsnaps ("Time flies like an arrow, fruit flies like a banana" - Groucho Marx)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Darksheare

Thanks - I'll need it :-((


10 posted on 06/09/2004 10:14:29 AM PDT by An.American.Expatriate (A vote for JF'nK is a vote for Peace in our Time!)
[ Post Reply | Private Reply | To 7 | View Replies]

To: N3WBI3

No problem, just happened to notice as I read the original . . .

BTW - Do we need to except Computerworld?? Anyone??


11 posted on 06/09/2004 10:15:38 AM PDT by An.American.Expatriate (A vote for JF'nK is a vote for Peace in our Time!)
[ Post Reply | Private Reply | To 4 | View Replies]

To: N3WBI3

BTTT


12 posted on 06/09/2004 10:17:56 AM PDT by Fiddlstix (This Tagline for sale. (Presented by TagLines R US))
[ Post Reply | Private Reply | To 1 | View Replies]

To: N3WBI3

Job security for network admins! Continued revenue for "security" consultants.


13 posted on 06/09/2004 10:21:23 AM PDT by glorgau
[ Post Reply | Private Reply | To 1 | View Replies]

To: N3WBI3
I think the time is long overdue for all Windows users to dump IE and use Mozilla Firefox or the full Mozilla instead.
14 posted on 06/09/2004 10:23:00 AM PDT by B Knotts
[ Post Reply | Private Reply | To 1 | View Replies]

To: rdb3; Bush2000

Admins, man your patching stat....oh, crap. Nevermind.


15 posted on 06/09/2004 10:23:43 AM PDT by Salo (When Bill Clinton dies, we should all lower our pants to half-staff in his honor.)
[ Post Reply | Private Reply | To 5 | View Replies]

To: B Knotts

Naa when there is enough market pressure on IE MS will start to actually fix it just to drive the competition away..


16 posted on 06/09/2004 10:24:46 AM PDT by N3WBI3
[ Post Reply | Private Reply | To 14 | View Replies]

To: B Knotts
I think the time is long overdue for all Windows users to dump IE Windows

There, that's more accurate.

17 posted on 06/09/2004 10:26:04 AM PDT by TheBattman (Leadership = http://www.georgewbush.com/)
[ Post Reply | Private Reply | To 14 | View Replies]

To: An.American.Expatriate

Welcome.
And again, good luck.
(Especially if you have to kick people off the terminals first..)


18 posted on 06/09/2004 10:26:07 AM PDT by Darksheare (I shall send poultrygeists after you! Beware the possessed chickens!)
[ Post Reply | Private Reply | To 10 | View Replies]

To: B Knotts

Nuther bump for FIREFOX..........


19 posted on 06/09/2004 10:26:54 AM PDT by litehaus
[ Post Reply | Private Reply | To 14 | View Replies]

To: Darksheare

I live for kicking people off terminals!!!!


20 posted on 06/09/2004 10:30:16 AM PDT by An.American.Expatriate (A vote for JF'nK is a vote for Peace in our Time!)
[ Post Reply | Private Reply | To 18 | View Replies]


Navigation: use the links below to view more comments.
first 1-2021-35 next last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson