Home › News › Microsoft
Unpatched Internet Explorer exploit hits the Web
CNET asked Abu how dangerous the vulnerability is, and his response was in line with Microsoft's recommendation of updating to IE8. Abu also noted that the exploit is quite unstable, with about 60% to 70% success rate, and confirmed that it is critical to older builds of IE. Microsoft provided additional workarounds in its advisory for users who can't upgrade to the latest browser version.
Although information in McAfee's sped up the process, Abu said he would have found the vulnerability anyway. McAfee said the post in question did not contain enough information to directly lead anyone to the hole, but the firm's future blog posts will undergo "additional sanitization" to avoid giving exploit writers a starting point when hunting for exploit code.
User Comments (53)
Post a comment|
TomSEA on March 11, 2010 4:40 PM |
Just say "no" to IE! Too many other better browsers around to mess with that and worry about the countless security issues. |
|
buendia on March 11, 2010 4:57 PM |
For regular users, no need for IE. There's plenty of very good alternatives (Firefox, Opera,Chrome). Provided you really want to use IE, always upgrade to the latest version and regurarly install updates. |
|
Guest on March 11, 2010 5:00 PM |
Oh, so nothing new? |
|
Timonius on March 11, 2010 5:10 PM |
Guest said: yeah pretty much.Oh, so nothing new? As for businesses still using IE6...you better get your act together soon...and if you're big enough you need to try to eliminate the dependancy on someone else's browser technology. |
|
ludoboss on March 11, 2010 5:10 PM |
A lost war! Microsoft must be directed to win the search engine war ad let other do browsers. Chrome, Opera and Firefox is over the top. MS u cannod do all better. U make win7: TNX! |
|
Guest on March 11, 2010 5:13 PM |
well if people would simply update their computers then they would already have IE8 insytalled. Its not that hard people. |
|
Guest on March 11, 2010 5:18 PM |
Why should people tolerate all the problems with IE when they have paid for a software that is suppose to be superior. Seems that Microsoft creates products with holes to try and force people to upgrade their products. People are paying for the right to be test subjects. |
|
Relic on March 11, 2010 5:20 PM |
Guest said: Heh ya, first thing that came to mind when I read the headline too.
Oh, so nothing new? |
|
elroacho72 on March 11, 2010 5:23 PM |
I like IE8, I still can't believe there is that many people stuck back on IE6or7.Wait yes I can My Dad still uses Madia player 9, why, why just update and live a little.Thank, You that is all. |
|
rajmond on March 11, 2010 6:01 PM |
I can understand some people who use IE 8 (because it's part of the most used operating system) but I don't know who uses still IE 6 & 7. It's nothing new that there if a new hole in Microsoft Internet Explorer. The best choice would be to change to a new browser ( Firefox or Chrome) |
|
codephoenix on March 11, 2010 6:03 PM |
Hmm.. I cant remember why i use Firefo.... oh... nevermind. |
|
Kovach on March 11, 2010 6:09 PM |
What's on my mind right now is why people still keep using IE after all these exploits coming? There are a lot of options to choose, but no, people are lazy to install another browser. |
|
compdata on March 11, 2010 6:26 PM |
Kovach said: Come on. We know that there are exploits in every browser. More issues are found in the common ones becuase they are the ones that get targeted. The real issue here is that people don't keep their computers up to date and so they are vulnerable.
What's on my mind right now is why people still keep using IE after all these exploits coming? There are a lot of options to choose, but no, people are lazy to install another browser. |
|
Kibaruk on March 11, 2010 6:27 PM |
I haven't used IE since forever... although there are some specific sites that are only for IE even nowadays which is kind of prehistoric, but still IE 8 isn't affected according to this. |
|
jrronimo on March 11, 2010 6:39 PM |
Kovach said: Not everyone has a choice -- Some of the web-based-systems that some of my users log into don't support IE8 yet. Sometimes they'll run... sometimes they'll run in Firefox, but not always. So they stick it out with IE7.What's on my mind right now is why people still keep using IE after all these exploits coming? There are a lot of options to choose, but no, people are lazy to install another browser. Luckily, there are workarounds for this published by Microsoft. Obviously the vendor of the web-software needs to update, but until they do we can only wait. |
|
Kovach on March 11, 2010 6:52 PM |
compdata said: Yes, I agree with you about updates and that there are exploits in every browser. But please, IE is hole without the end. It has more announced exploits than any other browser. Am I right?Kovach said: Come on. We know that there are exploits in every browser. More issues are found in the common ones becuase they are the ones that get targeted. The real issue here is that people don't keep their computers up to date and so they are vulnerable. What's on my mind right now is why people still keep using IE after all these exploits coming? There are a lot of options to choose, but no, people are lazy to install another browser. |
|
seefizzle on March 11, 2010 7:00 PM |
What's internet explorer? |
|
Kovach on March 11, 2010 7:01 PM |
jrronimo said: Yes, you are completely right. I was thinking about people that has choice and being lazy about choosing another browser, safer and faster. Kovach said: Not everyone has a choice -- Some of the web-based-systems that some of my users log into don't support IE8 yet. Sometimes they'll run... sometimes they'll run in Firefox, but not always. So they stick it out with IE7.What's on my mind right now is why people still keep using IE after all these exploits coming? There are a lot of options to choose, but no, people are lazy to install another browser. Luckily, there are workarounds for this published by Microsoft. Obviously the vendor of the web-software needs to update, but until they do we can only wait. |
|
GACrabill on March 11, 2010 7:46 PM |
Kovach said: No ... I don't think that you are correct.Yes, I agree with you about updates and that there are exploits in every browser. But please, IE is hole without the end. It has more announced exploits than any other browser. Am I right? We just don't hear about the Firefox holes. Hasn't Firefox had more security fixes for two years in a row now than IE has had? Do some research ... lots of Firefox security fixes occur that we never hear about ... blame the media, or start blaming Mozilla. |
|
zyodei on March 11, 2010 10:56 PM |
Hahah..just got done showing my coteacher a few of the basic features of Opera. Here in Korea, IE6 is still the standard - used on 90%+ of computers. I'm serious. She was BLOWN AWAY by tabbed browsing :P My current computer is a C2D with 2 Gigs of RAM..and came OEM with XP (good) and IE6 (hahaha..but irrelevant anyway) |
|
jacob007 on March 11, 2010 11:05 PM |
IE who? |
|
pipopaz on March 11, 2010 11:05 PM |
TomSEA said: You just gave the perfect solution! I agree as well that IE has way to many vulnerabilities exploited in the past.
Just say "no" to IE! Too many other better browsers around to mess with that and worry about the countless security issues. |
|
Yoda8232 on March 11, 2010 11:21 PM |
Solution? Don't use IE, but in all honesty after using all 5 major browsers I use Firefox as my main browser (secure and very customizable), Chrome as a backup (extremely fast), and IE if needed because it's compatible with all the websites because basically all the websites are made for IE because it's WAS the most popular browser. |
|
ToastOz on March 11, 2010 11:52 PM |
First mistake was using IE. |
|
elroacho72 on March 12, 2010 12:07 AM |
People are not as lazy as they are scared of new things new ways of doing the same thing. Old people (my parents) just don't like change. |
Most Popular
| Trending | Featured |