More IE Flaws!

Security experts have advised internet users to either turn off some Internet Explorer features or to use another browser. Unknown attackers who had taken control of several Web servers used the flaw last week to install a remote-access program, dubbed JS.Scob.Trojan, onto the PCs of visitors to those sites.

"I hope that Microsoft will come up with a patch soon," said Johannes Ullrich, chief technology officer for the Internet Storm Center, a site that monitors network threats. "Until they do, you basically have two choices: Disable JavaScript in Internet Explorer or install another browser."

More here.

Yeah its funny how all these "flaws" never actually 'flaw' anything of mine or effect me in anyway.

I'll try not to bring up the point that other browsers lack so much that IE doesn't and how a simple firewall fixes this issue with (being attacked) and allows us to use a functional browser which has everything I need in one browser that all other browsers never can do correctly or just don't do at all. Not counting how ugly they all are (myIE2 looks alright though).

Oops!

You sound like the smoker that said "well, smoking never did me any harm" then later died of lung cancer.

Oh, and a firewall doesn't stop javascript from executing. Firewalls only block attacks that aren't the result of a response to a request from the client PC (i.e if your browser issued a request for a web page, which resulted in malicious code being downloaded as part of the response, then having a firewall won't help). Firewalls essentially stop a request (that originates from outside your PC) from reaching your system (e.g your browser, or other software).

Well I will have to go with Agissi and say how come if it's such an issue I haven't had a problem? All it takes is common sense.

A software firewall will not do anything either if you allow IE permission to access the internet (which most people do).

The firewall will not protect against malicious websites, etc. since you ok'ed it through the firewall.

A software firewall will allow your browser to access the web, but it will stop 'the web' from accessing your browser. The original request must start from the browser. Firewalls prevent access to your system if that access 'originates' from an external source.

Common sense? If you want to live up to that statement then follow the advisory (i.e. "Disable JavaScript in Internet Explorer or install another browser.").

Did all those users that suffered from the 'Blaster' attack use good common sense (i.e they never had any problems before, so why should they have kept up to date with patches and thus prevented the problem?).

The point being that hackers only start to target exploits once they know about them. Because of the security alert, then hackers are already aware of these issues and may decide to target users using newly discovered exploits. Does common sense prevail?

You pose a very good reply Nic, however I have a hard firewall in my router so thats probably why I dont seem to be having any hitches.

Eh, Nick.. only an ***** would disable JS. Then your browser isn't worth much more than this crap they call Firefox for example.

And yes obviously I know what a firewall does, but the fact remains (and yes it is a fact) that a firewall and common sense is all you need to be completely fine. I've survived on the web for about 10 years with hardly any problems. And up until about 2 weeks ago, that was without a firewall, without turning anything off in IE, or doing any of these things the so called "experts" recommend.

No offence to any of you guys, but if your having so many problems and are so scared that you have to switch browsers then you can't make it out like because you switched to another browser it makes you "smart". That only means you can't handle the heat and dont know how to avoid problems.

And I suggest you read what I said and quit making assumptions and turning my posts around into meaning something totally different.

Who cares what IE is affected by, other than the general public. If your so afraid and get hit by exploits so much then you need to rethink your level of expertise. Period.

Hardware or software firewall isn't going to stop a scripted exploit through Internet Explorer.

If you visit an "infected" website.. You've already accepted the connection. It isn't about connection, it's about scripts running on your computer.

Disabling Javascript would probably be the only fix for this... Until a patch is released of course. A good virus scanner which scans Internet Explorer scripts before they executed would probably stop this too.

Ya or you could just not go to the sites with this crap.

haha.. Yep.

I wonder which sites have been HaX0r3d?

Last time I checked today, Firefox has Javascript.

Last time I checked today, Firefox has Javascript.

I think acidosmosis should be reminded that he was the one starting the infamous Blaster thread..

You shouldn't make "common sense = no problems" claims when we all know that you have had issues.

Common sense also suggests the principle, "better safe than sorry."

Acid i do not know how continuing to use IE despite security warnings by security experts is common sense. Apparently, you do not believe in the credibility of these security experts so I guess there is nothing that will sway you from you position.