Exploit code attacks unpatched IE bug ( Even the new SP2-Service Pack 2-is vulnerable )

The Register ^ | Monday 10th January 2005 12:08 GMT | John Leyden

[Ernest_at_the_Beach]

No end to the problems.

[johniegrad]

This is really getting old.

[holymoly]

I believe this only applies to IE6.

Internet Explorer flaw gets 'extremely critical' rating
"Danish security company Secunia has upgraded a security warning on a flaw in Internet Explorer 6.0, to "extremely critical"." (more)

[b4its2late]

No kidding.....

[johniegrad]

It's starting to remind me of the early snowmobiles we had in the '60s. They took 3 or more hours of maintenance for every hour you could run them.

[ShadowAce]

I really wish that these people would realize just how stupid it is to use IE these days.

[KoRn]

I can't imagine why anyone would. It's like knowingly choosing to park a car in a high crime area and leaving your doors unlocked.

[b4its2late]

They took 3 or more hours of maintenance for every hour you could run them.

That's for sure.

[holymoly]

I can't imagine why anyone would. It's like knowingly choosing to park a car in a high crime area and leaving your doors unlocked.

Most of them use it because they've not been made aware of the threat/danger MSIE poses.

There are a number of Freepers who had never heard of Mozilla, Firefox, or Opera until they saw them mentioned in a thread.

I can't blame people who aren't always able (or even savvy enough) to keep on the the latest tech news. Many people, through no fault of their own, are simply not aware that using MSIE is like playing Russian Roulette.

[RicocheT]

It's not a bug or flaw, it's a feature or issue.
/s/ Microsoft PR Dept.

[Ernest_at_the_Beach]

From 2CPU website:

Exploit code attacks unpatched IE bug

UPDATE: I ran the vulnerability test on my Windows XP SP2 machine at work and it was vulnerable. I then checked Windows Update for a patch and nothing new was available. The only patch that I can think of is available here.

[Cicero]

Interesting. I went to the linked article and tried to access the Secunia test, but my computer refused to load that page. Evidently something is blocking it.

I have a lot of gear on board, and possibly one of my AV or antispyware programs is blocking that site.

[Ernest_at_the_Beach]

Test is on this page:

A demonstration of the vulnerability is available for users running Internet Explorer 6 with Windows XP SP2 installed.

And:

The test requires that you have Windows installed in "c:/windows/".

Internet Explorer Command Execution Vulnerability Test

Test is just under :

Test Your System

[Lazamataz]

Does Norton AV protect against this?

[Phyto Chems]

I gave up and went to Fire Fox I have NO yes NO pop ads any more.... Great product check it out you will never go back.

[Wacka]

I really wish that these people would realize just how stupid it is to use IE these days.

I really wish that these people would realize just how stupid it is to use WINDOWS these days.

[ArGee]

That's why I use Firefox, and upgraded my child's computer to Fedora Core 3.

Shalom.

[Eagle9]

TechWeb
IE Bugs Now 'Extremely Critical'

Excerpt --
Until a patch is available, IE users should consider switching browsers, said Secunia, or disabling the "Drag and Drop or copy and paste files option in Internet Explorer. Microsoft has posted a document on its support site that explains the process.
http://support.microsoft.com/kb/888534
_______________________________________________________

Take a glance at the Microsoft temporary solution and decide, "Do I want to try this Microsoft temp patch or just download/install Firefox?"