flat assembler
Message board for the users of flat assembler.

Index > Heap > New IE virus - Experts recommend switching browsers

Author
Thread Post new topic Reply to topic
drhowarddrfine



Joined: 10 Jul 2007
Posts: 535
drhowarddrfine
BBC News reports about new virus in IE:
Quote:
Richard Cox, chief information officer of anti-spam body The Spamhaus Project and an expert on privacy and cyber security, echoed Trend Micro's warning.
"It won't be long before someone reverse engineers this exploit for more fraudulent purposes. Trend Mico's advice [of switching to an alternative web browser] is very sensible," he said.
.
Post 16 Dec 2008, 15:29
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17287
Location: In your JS exploiting you and your system
revolution
A slight clarification to drhowarddrfine's post: It is not a "virus in IE", it is an exploit that targets a security hole in IE. A minor change in wording that makes a large difference in perception.
Post 16 Dec 2008, 15:35
View user's profile Send private message Visit poster's website Reply with quote
Borsuc



Joined: 29 Dec 2005
Posts: 2466
Location: Bucharest, Romania
Borsuc
Who uses IE anyway? Confused

_________________
Previously known as The_Grey_Beast
Post 16 Dec 2008, 17:20
View user's profile Send private message Reply with quote
bitRAKE



Joined: 21 Jul 2003
Posts: 2915
Location: [RSP+8*5]
bitRAKE
IE = Internets Exploder
Post 17 Dec 2008, 03:17
View user's profile Send private message Visit poster's website Reply with quote
Tomasz Grysztar



Joined: 16 Jun 2003
Posts: 7725
Location: Kraków, Poland
Tomasz Grysztar
Do you have any more detailed information about what exactly this hole is?
Post 17 Dec 2008, 17:14
View user's profile Send private message Visit poster's website Reply with quote
HyperVista



Joined: 18 Apr 2005
Posts: 691
Location: Virginia, USA
HyperVista
Its an XML based vulnerability. Specifically there is a use-after-free vulnerability in mshtml.dll in Microsoft Internet Explorer 7 and previous versions on Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008.
The vulnerability allows remote attackers to execute code via a crafted XML document containing nested SPAN elements.
Microsoft is only owning up to this vulnerability on IE 7, but it does affect previous versions too.
Post 17 Dec 2008, 18:37
View user's profile Send private message Visit poster's website Reply with quote
drhowarddrfine



Joined: 10 Jul 2007
Posts: 535
drhowarddrfine
Their security bulletin now lists ALL versions of IE on all platforms.
Post 17 Dec 2008, 18:42
View user's profile Send private message Reply with quote
Coddy41



Joined: 18 Jan 2009
Posts: 384
Location: Ohio, USA
Coddy41
people use ie?
Post 23 Jan 2009, 10:24
View user's profile Send private message Visit poster's website Reply with quote
tom tobias



Joined: 09 Sep 2003
Posts: 1320
Location: usa
tom tobias
Coddy41 wrote:
...people use ie?

1. search engine
2. enter "web browser usage"
3. hit "return"

both IE and FF account for about 45% of web browser usage, as of December 2008.
Post 23 Jan 2009, 10:58
View user's profile Send private message Reply with quote
edfed



Joined: 20 Feb 2006
Posts: 4238
Location: 2018
edfed
Coddy41 wrote:
people use ie?

yep!

IE6

at HKEY-CURRENT USER/software/microsoft/internet explorer/main you can add a registry to erase the "microsoft internet explorer" in title bar.
window title , type string , value=""

a better statement would be

Quote:
people use computers?
Post 23 Jan 2009, 12:01
View user's profile Send private message Visit poster's website Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17287
Location: In your JS exploiting you and your system
revolution
tom tobias wrote:
Coddy41 wrote:
...people use ie?

1. search engine
...
Coddy41: In case you can't find a suitable search engine then let me be so bold as to suggest my website Razz
Post 23 Jan 2009, 12:25
View user's profile Send private message Visit poster's website Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  


< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Copyright © 1999-2020, Tomasz Grysztar. Also on YouTube, Twitter.

Website powered by rwasa.