Lefora Free Forum
93 views

(another) IE 0 day

Categories > Tech News
Page 1
posts 1–7 of 7
atmo
regular - member
52 posts
+0 permalink
Just a heads up for those using (or know people who use) IE, whether buy choice or another reason....

There's a pretty serious 0 day vuln (which apparently affects multiple versions including IE7 and IE8 beta) that's currently being exploited in the wild. From reports, some normally harmless websites are carrying the exploit code after themselves being exploited via SQL injection. It's also been added as a module to the metasploit framework.

I'd (seriously) consider IE off limits until a fix is available. Hopefully MS will do an out of cycle patch.

http://www.microsoft.com/technet/security/advisory/961051.mspx
http://blogs.technet.com/msrc/archive/2008/12/11/microsoft-security-advisory-961051-updated.aspx
http://www.heise-online.co.uk/security/Internet-Explorer-6-and-8-also-affected-by-zero-day-vulnerability--/news/112240
http://secunia.com/blog/38/
http://isc.sans.org/diary.html?storyid=5464
reply
quote
12th December 2008 15:25 p.m.
erice51
superstar - member
247 posts
+0 permalink

We got a blast from the mothership on this one.

Must be pretty bad.

I wont warn any family though. I dont care if they get bugs and contribute to botnets or get knocked offline. Google does a pretty good job at keeping up with spam filters and I'm done trying to help people.

__________________
"we only destroy for the greater good so you can be free to consume more as you should"
reply
quote
12th December 2008 20:01 p.m.
davegray
superstar - admin
398 posts
+0 permalink

Firefox

__________________
Host of the Aussie Geek Podcast www.aussiegeekpodcast.com
reply
quote
13th December 2008 13:50 p.m.
tom125
regular - member
184 posts
+0 permalink

I just did some community service last night round at a friend's house by installing firefox, making it the default browser and deleting IE from the desktop. I can't believe how many of the "general public" still haven't even heard of Firefox... grrr...

reply
quote
16th December 2008 21:26 p.m.
herne
superstar - moderator
251 posts
+0 permalink
Are these the same people who believe the sun revolves around the earth?!
__________________
We are the Herne. You will be assimilated.
reply
quote
17th December 2008 00:18 a.m.
tom125
regular - member
184 posts
+0 permalink

If only. No, these are bright intelligent people who should know better. OK, so they had heard of Firefox, they just weren't curious enough to actually download and use it. :S

reply
quote
17th December 2008 01:55 a.m.
atmo
regular - member
52 posts
+0 permalink
Microsoft will be pushing an out of cycle patch for this vulnerability.

http://www.microsoft.com/technet/security/bulletin/ms08-dec.mspx

Unfortunately for us, the timing means most of the teachers/staff at our school that use leased notebooks (which need to be updated via our WSUS server) may not be protected until late January when they start back for the new year. I guess the same will go for a lot of buisness/government machines...



reply
quote
17th December 2008 11:24 a.m.
Categories > Tech News
Page 1
posts 1–7 of 7

This Topic Is Locked To Guest Posts

It's been a while since this topic was active, if you'd like to get it going again, please post as a registered member

join now