New Explorer hole could be devastating

[Julio Franco]

A security hole in Microsoft Corp.’s Internet Explorer could prove devastating. Following the exposure of a vulnerability in Windows XP earlier this week, “http-equiv” of Malware has revealed that Explorer 6 users (and possibly users of earlier versions) could be fooled into downloading what look like safe files but are in fact whatever the author wishes them to be -- including executables.

A demonstration of the hole is currently on security company Secunia’s website and demonstrates that if you click on a link, and select “Open” it purports to be downloading a pdf file whereas in fact it is an HTML executable file.

Read more: Infoworld.

 

[Masque]

Some bad stuff coming down the pipes now. Gates' crew better get their $hit together real soon or some ***** out there is going to make meatloaf of all Windows-based computers.

:dead:

 

[Nodsu]

Surely you meant "metloaf of all the computers of people stupid enough to use Internet Exporer"

 

[Masque]

Hey, I use IE.....have eversince whenever. I take precautions.....no issues yet. The real problem is the people (vast majority) who don't know how to layer protection. That also includes the people who don't know enough to think before they click.
Remember, the only reason these people go after M$ is because they're the big player. A few years back, when NT was king in the corporate world, Unix was the O/S known for all the holes. They'll play with whomever they can have the most fun with.

 

[Nodsu]

Surely you don't mean that when I open a file in Netscape or Mosaic some guy can gain complete control over my workstation. And the claim that Secunia and other security companies test only Microsoft products is just wrong.

There are small holes and big holes and then there are MS products.

 

[Masque]

Originally posted by Nodsu
There are small holes and big holes and then there are MS products.

"Remember, the only reason these people go after M$ is because they're the big player."

If the other companies were of the same size and power they'd be after them.....and they'd find the holes, don't be misled. They just want to take the big guy down.

 

[Masque]

Bah! Whatever! This one was most likely published because M$ makes headlines 'because' of the amount of software out there being used. Of course you're going to read more about it.

Nonetheless, this is an endless dialogue for us. Let's just agree to disagree. Discussing M$ is much like religion and politics....better left alone.

 

[Nodsu]

Ah.. The hackers just hack Microsoft software to make the company go bankrupt..

Please. And you can say whatever you want but "... allows an attacker to gain complete control over your computer" at least twice a month in some MS security bulletin can not be explained on every single hacker on the planet dismissing all the other products and attacking the eveil monopoly.