Posted on 01/14/2013 6:55:52 AM PST by palmer
IDG News Service - Microsoft will release a patch on Monday for older versions of its Internet Explorer browser, deviating from its normal repair schedule due to the seriousness of the problem.
The vulnerability, which is present in IE 6, 7 and 8, is a memory corruption issue. It can be exploited by an attacker via a drive-by download, a term for loading a website with attack code that delivers malware to a victim's computer if the person merely visits the website.
...
The patch, which will be released at 10 AM PST, will be distributed through Windows Update. Childs wrote users will not have to uninstall the quick fix before applying the patch, which will be installed automatically for those who have automatic updates enabled.
...
(Excerpt) Read more at networkworld.com ...
If you have plain old IE (no Java) and visit malicious websites, you will eventually get pwned. If you allow Flash to run and visit malicious websites you will get pwned. Likewise numerous other plug-ins and programs including the browser itself. I mostly recommend not visiting malicious websites. I also recommend click-to-flash on Safari which stops all Flash, Java and HTML5 from running until I click to tell it to run (e.g. a video that I want to watch). It is painless and keeps me safe.
malicious web sites ?
Basically any website that is not mainstream. Mainstream includes all news, newspapers, popular blogs and forums, and basically every link you ever see posted here. Malicious sites are 90% porn and 9% too-good-to-be-true.
I’m sorry but I don’t trust this claim.
How do we know this isn’t a ‘govt induced’ way of getting and installing ‘backdoors’ into older browsers ? We really know NOTHING about the content of any downloads like this.
I still use IE 6, I will take my risks.
That's true. MS purposely obfuscates to prevent reversing what the bug was. Obfuscation can serve other nefarious purposes. Personally I prefer lynx over any other browser, for obvious reasons. When I have to look at pretty pictures I use safari. I am typing this post with lynx.
Not true this time around . I had this virus on a laptop my wife uses for her non malicious shopping, news and travel sites.
I am typing with fingers — am I backwards or what.
Do you mean linux or do you really have a big pet?
lynx is a text-only browser, most often run on linux but there is no relation. It is ported to Windows. A text-only browser shows you the text only and you can scroll down to the buttons and hit enter. It is clumsy at first but easy to get used to. I just typed this fantastic response into the text field, now I will scroll down and hit post.
Even mainstream sites can’t be trusted. If you think only porn sites have viruses, you’re very naive.
Sun released their fix to Java today. See filehippo.com or any of the other many download sites. x86 and x64.
I left room for mainstream in the 1%. Some mainstream sites that are poorly run can allow malicious content or links to malicious sites. I don’t think it is common, but it is possible.
Lynx is a web browser.
I got an upgrade notice for Java yesterday. It updates to version 7 update 11. It is supposed to address the recent security issue.
It is available under the ‘Downloads’ button at
I only uses Internet Exploder to run Windows Update. Could that be listed as a malicious site?
what is this lynx in which you speak of?
I would put MS at the top of the list.
Thanks and bttt
malicious web sites
http://salon.com/
http://www.newsweek.com/
barackobama.com
Microsoft will now allow you to filter out these sites.
Sorry, but I have seen malware from "popular" automotive forums and at least one link from an auction site.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.