OT: New IE security flaw is huge.

craftech wrote on 12/16/2008, 6:42 PM

"Users of Microsoft's Internet Explorer are being urged by experts to switch to a rival until a serious security flaw has been fixed.

The flaw in Microsoft's Internet Explorer could allow criminals to take control of people's computers and steal their passwords, internet experts say. ....................................Microsoft says it has detected attacks against IE 7.0 but said the "underlying vulnerability" was present in all versions of the browser.

Other browsers, such as Firefox, Opera, Chrome, Safari, are not vulnerable to the flaw Microsoft has identified. "

What a surprise?

John

Back to post

Comments

John_Cline wrote on 12/19/2008, 1:56 PM

Since this entire thread started about a security hole in IE that allowed a hacker to steal passwords... There was a recent report from Chapin Information Services that tested the password security on various PC and MAC browsers. The results were a bit scary. I don't let my browsers "remember" any of my passwords, although that may not protect me as much as I think. Google Chrome and Safari tied for last place.

http://www.info-svc.com/news/2008/12-12/

GlennChan wrote on 12/19/2008, 2:02 PM

So if a hacker takes control of my PC from a remote location, what are they goona do?....edit a movie with Vegas?...play a video game?
Log your keystrokes when you type in login/username information, e.g. for online banking. How commonplace this is I don't know, but I believe the tools are widely available.

More commonly, people might take over your computer so that it can be used to send spam or for DDOS attacks. In these cases an ISP may proactively shut off your Internet service.

On the other hand, you could try Microsoft Vista. Would you like to use your computer? Allow / deny.

GenJerDan wrote on 12/19/2008, 4:21 PM

Yeah, I get the CERT notices. Firefox gets hit a lot, too. Have no idea if the actual users get notified... :^)

(Mac notices, too. And Linux. I routinely ignore them, since no one pays me enough to use those OSes.)

DelCallo wrote on 12/20/2008, 12:18 AM

<<Like rootkits on windows side, your Mac will not warn you . . . >>

Just to be clear, I don't own or use a MAC, so "my" MAC doesn't need to warn me.

Del