[An.American.Expatriate]

The original title was:

"Internet Explorer carved up by zero-day hole"

It is common courtesy to use the original with your comments at the end. This prevents double posts.

Nice find and glad you posted it - guess I'll need to tripple check the workstations (again!!)

[ikka]

Actually the best piece of advice is to run Firefox , which can be downloaded from mozilla.org .

[ShadowAce]

heh--oops.

[Jinjelsnaps]

From the article: That exploit -- Adodb.stream -- has not been viewed as particularly dangerous, since it only works when the file containing the code is present on the user's hard disk.

Just curious about something: if I remember my ASP correctly (which I might not be, it's been a while), the Adodb.stream problem they're talking about is server-side...which would mean to me that this stage of the attack only exists if there's a Windows webserver invovled, correct?

Please let me know if I'm wrong, I'm rather curious about that...

[Fiddlstix]

BTTT

[glorgau]

Job security for network admins! Continued revenue for "security" consultants.

[B Knotts]

I think the time is long overdue for all Windows users to dump IE and use Mozilla Firefox or the full Mozilla instead.

[ShadowAce]

Well, I just DL'ed and installed 0.9. It's still listed as 0.8+ in the About screen, and I really couldn't see much different, initially.

I'm guessing that 0.9 is mainly bugfixes, code streamlining--under the hood type stuff.

[adam_az]

Paging the InfoSec pinglist... Let me know if you want to be 1 or 0.
(That's ON or OFF, for those who are not binary-compliant)

This is very interesting, I suggest you read the entire article.

[Centurion2000]

JUST DAMN

[Quix]

Thanks much.

IE hangs persistently on some sites. Have removed lots of spyware etc. and it still hangs maybe 20-30% of the time.

And, now, I have the fun little LU1803 NORTON LIVE UPDATE PROBLEM which carefully following all 3 of their suggested fixes has been TOTALLY USELESS.

GRRRRR.

Any suggestions would be appreciated!