[Salo]

Beware.

[Salo]

Ping.

[Redcloak]

Where do you want to be taken today?

[mhking]

'Nuff said.

[Gunslingr3]

Ouch!

[FoxInSocks]

Bill Gates sure deserves to be knighted, doesn't he? Thank you soooo much. /sarcasm

[Alouette]

if you click on a link, and select “Open” it purports to be downloading a pdf file whereas in fact it is an HTML executable file.

Oh well we're all doomed.

[zeugma]

I just don't understand why people still use a clunky old browser like IE unless they are forced to.

[Thud]

ping

[Ol' Sox]

Beware indeed. BTW, for those interested, MYDOOM.B, today's guest variant, is now on the loose.

[B Knotts]

Well, this is clearly more of the "dark side of Linux."</sarcasm>

[TLI]

A security hole in Microsoft Corp.’s Internet Explorer could prove devastating.

AGAIN?

lotta sheep in the world...

[Bush2000]

The possibilities are endless, and since both spoof issues appear to be unfixable, it must surely place a big question mark over Explorer’s viability as a browser.

Oh, puh-lease. This so-called "exploit" is hardly "devastating" or "unfixable". It doesn't work on Windows XP at all. Why not? Because Windows XP locates temporary files in "C:\Documents and Settings\\Local Settings\Temp". A crafted HTML file with an tag cannot know what "" is; therefore, the executable cannot run and the attack will fail.

[aruanan]

You see, that's only because it's a popular widespread OS, not because there's anything inherently wrong with it.

[sigSEGV]

Microsoft gave up on properly supporting IE months ago.

http://www.safecenter.net/UMBRELLAWEBV4/ie_unpatched/index.html

[antiRepublicrat]

First MyDoom and then this. Not a good start to the year for Microsoft. And they still haven't fixed the flaw found in December, which can be used in conjunction with this.

Oh, I figured it out. MS wanted to have that patch-free month, so they just decided not to release patches for known security flaws.

[RS]

".....demonstrates that if you click on a link, and select “Open” ....."

If you click on a link and select "open" your computer should kick your butt - and then go out and kick the butt of the fool who put the "open" button there in the first place.

[AdmSmith]

Use another browser, such as Opera at http://www.opera.com

[Golden Eagle]

This is a serious hole in IE but without a a seperate hole in webserver or hosting software to upload the malware to multiple web hosts there's not an easy way for it to be exploited. The spoof combination could possibly point some wanderers to an offshoot of another site but for how long.

Microsoft needs to update these IE holes fast since there are obviously a lot of malicious minded people that oppose them. These kinds of events are disturbing when they happen, but rest assured they ultimately will lead to stronger, more secure networks and further isolation of these anarchists from access.

Hackers should never be underestimated, that is security rule #1 since you never know who you're dealing with or their ultimate capability. But without a method of contaminating large numbers of web servers, of which there's no widely available method for remotely rooting commercial sites right now, there's little way to exploit this particular IE hole. Let's hope it's patched before there is.

[spodefly]

Since I host alot of images that show up on FreeRepublic, I know what browsers we are all using. For all the IE bitchin' that goes on here, there are sure alot of IE users:

	Explorer	-	84.1%
	Netscape	-	13.7%
	unknown	-	0.3%

[Righty1]

It is time to start wasting hackers as the terrorists that they are.