Announcement

Collapse
No announcement yet.

Internet Explorer vulnerabity - should we be worried?

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Internet Explorer vulnerabity - should we be worried?

    I don't know if anyone else has heard about this:

    http://news.bbc.co.uk/1/hi/technology/8465038.stm

    Is it enough of a threat to start worrying? Where I work we have a pretty secure external firewall and I'm guessing it would be both impractical and probably ultimately pointless to switch to another browser, just wanted to know if anyone has any other thoughts?

  • #2
    Re: Internet Explorer vulnerabity - should we be worried?

    That vulnerability only applies to IE6 and doesn't affect the other newer versions of IE.
    If you are still using IE6 then you should be worried but MS has a fix for it. Upgrade to later versions of IE .... (leaving this space open for the Browser war to begin )
    As far as the external firewall you mention is concerned, you can have the most sofisticated FW setup but it won't serve anything. The success of this excploit depends on the end user clicking a dodgy Link sent via e-mail or whatever.
    Last edited by L4ndy; 19th January 2010, 10:45.
    Caesar's cipher - 3

    ZKHQ BRX HYHQWXDOOB GHFLSKHU WKLV BRX ZLOO UHDOLVH LW ZDV D ZDVWH RI WLPH!

    SFX JNRS FC U6 MNGR

    Comment


    • #3
      Re: Internet Explorer vulnerabity - should we be worried?

      Is it just IE6 as I have seen reports that IE 7 & 8 are affected as well. Don't know if that is true or just the start of some mass hysteria. If in doubt, install Firefox or Chrome.
      1 1 was a racehorse.
      2 2 was 1 2.
      1 1 1 1 race 1 day,
      2 2 1 1 2

      Comment


      • #4
        Re: Internet Explorer vulnerabity - should we be worried?

        According to El Reg, quoting Microsoft, it's IE6 only. People who are still running IE6 get no sympathy from me I'm afraid. With the advent of compatibility mode I can't see any reason not to upgrade unless you're the UK Government.
        BSc, MCSA: Server 2008, MCSE, MCSA: Messaging, MCTS
        sigpic
        Cruachan's Blog

        Comment


        • #5
          Re: Internet Explorer vulnerabity - should we be worried?

          Sorry, but the last 3 paragraphs in that article do NOT rule out IE 7 & 8 having the exploit.
          1 1 was a racehorse.
          2 2 was 1 2.
          1 1 1 1 race 1 day,
          2 2 1 1 2

          Comment


          • #6
            Re: Internet Explorer vulnerabity - should we be worried?

            You're correct Biggles, MS were very careful in the wording of their press release to suggest that it was IE6 only at the start.

            Doesn't affect me, I use Firefox anyway.
            BSc, MCSA: Server 2008, MCSE, MCSA: Messaging, MCTS
            sigpic
            Cruachan's Blog

            Comment


            • #7
              Re: Internet Explorer vulnerabity - should we be worried?

              Still playing down the possibility of 7/8 being affected, but an out of band patch is on the way.
              BSc, MCSA: Server 2008, MCSE, MCSA: Messaging, MCTS
              sigpic
              Cruachan's Blog

              Comment


              • #8
                Re: Internet Explorer vulnerabity - should we be worried?

                The wording was ........... clever? Saw one report that said putting the Security setting to HIGH was one way to close the exploit. Will these hole never end?
                1 1 was a racehorse.
                2 2 was 1 2.
                1 1 1 1 race 1 day,
                2 2 1 1 2

                Comment


                • #9
                  Re: Internet Explorer vulnerabity - should we be worried?

                  Originally posted by biggles77 View Post
                  The wording was ........... clever? Saw one report that said putting the Security setting to HIGH was one way to close the exploit. Will these hole never end?
                  Apparently not, another exploit found this morning although only affecting 32-bit versions of Windows it relates to 17 year old code. Mind you the fact that Google publicly announced this just after being compromised themselves by the previous exploit is unlikely to be coincidental.
                  BSc, MCSA: Server 2008, MCSE, MCSA: Messaging, MCTS
                  sigpic
                  Cruachan's Blog

                  Comment


                  • #10
                    Re: Internet Explorer vulnerabity - should we be worried?

                    Oh crap, not another one. When is MS going to totally rewrite it's code and hopefully eliminate a lot of these holes. Backward compatibility causes more problems than it is worth.
                    1 1 was a racehorse.
                    2 2 was 1 2.
                    1 1 1 1 race 1 day,
                    2 2 1 1 2

                    Comment


                    • #11
                      Re: Internet Explorer vulnerabity - should we be worried?

                      Sounds like a bit of a headache, I'm not going to start deploying other browsers unless I really have to so I think for the moment it's just a case of making sure all the clients are on IE8 and remain fully patched.

                      Comment


                      • #12
                        Re: Internet Explorer vulnerabity - should we be worried?

                        Just read that Firefox had 300,000 above normal downloads in Germany over a 4 day period and Opera 18,000 a day (again in Germany). Australia experienced a 40% surge in Firefox downloads (which numerically may not mean much considering the population of the country) but it does look like MS has taken a signifigant hit on IE Market Share.

                        Considering how important Market Share is, maybe someone will clean up their act and produce a more security desirable version of IE (and hopefully other software as well).
                        1 1 was a racehorse.
                        2 2 was 1 2.
                        1 1 1 1 race 1 day,
                        2 2 1 1 2

                        Comment


                        • #13
                          Re: Internet Explorer vulnerabity - should we be worried?

                          Here is the patch, in case automatic updates or patch managment solutions are not used for any strange reasons!- http://www.microsoft.com/technet/sec.../MS10-002.mspx

                          True, doesn't effect just 6 as it was initially reported.
                          Caesar's cipher - 3

                          ZKHQ BRX HYHQWXDOOB GHFLSKHU WKLV BRX ZLOO UHDOLVH LW ZDV D ZDVWH RI WLPH!

                          SFX JNRS FC U6 MNGR

                          Comment

                          Working...
                          X