CaptainRAVE Posted December 12, 2001 Posted December 12, 2001 Microsoft has acknowledged a devastating flaw in their Internet Explorer browser, which allows hackers to bypass safeguards in downloading programs, to execute malicious code. Microsoft Outlook and Outlook Express are also affected. Microsoft has known about the problem since mid-November, but is only just now getting around to testing a patch to fix the problem. Microsoft has declined to release exact details about the bug, saying it is too severe to accidentally divulge how to take advantage of it. Recently, MS was forced to release a patch for another IE bug, which had a flaw in how cookies were handled.
StephenG Posted December 12, 2001 Posted December 12, 2001 it figures...Microsoft always release un-finished software. I dont use Outlook Express and i turn off my modem when i'm not on the net. i really hope no one has been hacking/downloading on my Computer.
Agen Posted December 12, 2001 Posted December 12, 2001 I've know about this for about 2 weeks... i'm lucky i've had Zone Alarm for a lnog while so no-one could have probably got through to me.
matt-- Posted December 13, 2001 Posted December 13, 2001 That bug was discovered by Georgi Guninski. Basically, IE lets you put a layer with a specific z-index over the download verification box...so basically someone could spoof the name of the download. Example: veryBadVirus.exe can show up as funnyPicture.jpg with some clever coding.
acdcfanbill Posted December 13, 2001 Posted December 13, 2001 ya, i keep my copy of Zone Alarm close at hand... makes you wonder why MS has everything access the internet...
StormHammer Posted December 13, 2001 Posted December 13, 2001 Well, I expect no less from Microsoft. I know they are a prime target for hackers, who are always coming up with new work-arounds, but it still proves MS is not vigilant enough in testing the loopholes in their own software. They are also known to drag their heels to correct such problems, which is not very helpful. Having said that, I don't think switching to other browsers, etc., will necessarily solve the problem. It seems the more popular certain software becomes, there are always those waiting in the wings ready to exploit it's bugs. It does seem to me, though, that MS should be building in more rigid self-monitoring into their software to try and combat the problem.
Tie Guy Posted December 13, 2001 Posted December 13, 2001 Well, i'm glad that IE6 didn't work for some reason and i was forced to keep IE5. I'll switch after they get the patch out though....i guess.
Kurgan Posted December 13, 2001 Posted December 13, 2001 Yeah I haven't been feeling too benevolent towards microsoft lately myself... though I don't condone the use of malicious hacker code to cause trouble to innocent people. ; p They bought up my ISP and forced my roommate and I to switch over to MSN's service (which is apparently some of the lowest rated service anywhere). Due to one of their "security requirements" and an apparent design flaw, I am forced to use not one, but TWO email programs, one to send, and one to recieve. Needless to say that forcing me to use Outlook after all these years chews the big one. Apparently the very nature of the program and all of its fun script-easy interface leaves it with as many holes as a piece of swiss cheese. Sadly, I have no other choice, other than using crappy web based, or text only email clients. Really sucks having more than one account.. ; p I keep myself up to date as best I can, but then I still have to wait for the fixes to actually get released. Kurgan
CaptainRAVE Posted December 13, 2001 Author Posted December 13, 2001 Originally posted by Tie Guy Well, i'm glad that IE6 didn't work for some reason and i was forced to keep IE5. I'll switch after they get the patch out though....i guess. Yes, I had that problem and ended up using IE5 again. For some reason IE6 kept crashing every single time I loaded it up......it began to really try my patience ......anyway, I prefer IE5, its much much better in my opinion....actually, its pretty much the same, lol.
TornSoul Posted December 14, 2001 Posted December 14, 2001 Microsoft has just released an "Uber-fix" which is suppose to fix all known bugs and some unknown ones (don't ask me how they can fix a bug they don't know).
Darth Bjorn Posted December 15, 2001 Posted December 15, 2001 Originally posted by CaptainRAVE Yes, I had that problem and ended up using IE5 again. For some reason IE6 kept crashing every single time I loaded it up......it began to really try my patience ......anyway, I prefer IE5, its much much better in my opinion....actually, its pretty much the same, lol. Yeah, IE 6 crashes on me all the ti-.....................
CaptainRAVE Posted December 15, 2001 Author Posted December 15, 2001 Did you go back to IE5 or just put up with the annoying IE6??
Darth Bjorn Posted December 18, 2001 Posted December 18, 2001 No. Since I got XP, now, I'll just keep 6. I really think it's the java applets that do it to my, anyway.
digl Posted December 18, 2001 Posted December 18, 2001 I have XP with IE6 and it never crashes Sounds weird, but Its true, It doesn crash!
Darth Bjorn Posted December 18, 2001 Posted December 18, 2001 Well, XP itself hasn't crashed. But IE 6 is a piece.
acdcfanbill Posted December 19, 2001 Posted December 19, 2001 i've never had a problem with my XP and IE6, though sometimes while browsing my network, it will spontaniously crash, and i will end it, then somehow the desktop and taskbar fall off screen and all im left with is my background, and anyrunning programs, odd to say the least...
StormHammer Posted December 19, 2001 Posted December 19, 2001 At the moment my system is quite stable, running Windows 98 SE (with the latest patches) and IE5. I haven't had a BSOD for many months, now, so I don't think I'll be upgrading from this any time soon. If it ain't broke, don't try to fix it.
Recommended Posts
Archived
This topic is now archived and is closed to further replies.