|
Warning for Internet Explorer users
Sent to me today from a trusted friend.
Warning for Internet Explorer users December 16th Quote:
|
Could be a hoax, could be true. I switched to firefox and would never go back.
|
they have already sent out a patch
|
Guess Im safe with chrome.
|
I don't understand why people think they are safer with Fixefox, or whatever instead of IE. At least MS will own up to vulnerabilities and patch ASAP. I don't think it is that the others are inherently safer than IE.
|
I got the same email sent to me from a trusted friend, who is a subcontractor for the government. I would say that warning is true.
I also use firefox as well. |
This is very real. The vuln is present in all versions of IE from v5.01 to v8.beta2. The patch replaces MSHTML.dll. However, this file is different for different versions of IE, so there are specific versions of the patch based upon the version of IE you are using.
|
Quote:
MSIE has a huge, enormous majority of the browser market. If you're a "hacker" or hoodlum, you can target either/any browser, but if you want to wreak maximum havoc, you'll target MSIE. |
I didn't know people still used IE but anyways here is the webpage from MS telling you how to fix it.
|
Our IT guys consider this a real problem. They've adviced that the originators may indeed move on to Firefox and Chrome etal. However they also say that if the site is "https" then you're ok
|
I looked for MSHTML.dll for like . . . an hour and I couldn't find it. Guess I'm safe.:)
http://forums.pelicanparts.com/uploa...1229552967.jpg |
From the reg today:
Mozilla has rushed out updates to plug a few critical holes in versions 2 and 3 of its popular open source Firefox browser. Firefox 3.0.5 fixes three critical security flaws in the browser, while 2.0.0.19 stitches four critical vulns. Mozilla said that XSS vulnerabilities in SessionStore, XSS and so-called JavaScript “privilege escalation” and crashes that could cause memory corruption have been repaired in Firefox 3.0.5. The bugs in the browser could have been “used to run attacker code and install software, requiring no user interaction beyond normal browsing,” said Mozilla. It also once again urged users to upgrade from Firefox 2.0 because version 2.0.0.19 is the final release of updates for the browser. The company “is not planning any further security and stability updates for Firefox 2, and recommends that you upgrade to Firefox 3 as soon as possible”. It added that Mozilla’s “Phishing Protection” service would no longer be available in Firefox 2. In other words, it won’t be supporting the browser against future online scams and attacks. Mozilla’s security updates today follow on from Microsoft having to push out an emergency security patch for Internet Explorer on Wednesday, addressing a critical security hole currently being exploited in the wild. The latest zero-day vulnerability stems from data binding bugs that allows hackers access to a computer's memory space, allowing attackers to remotely execute malicious code as IE crashes, said a red-faced Microsoft yesterday. ® |
Quote:
http://www.techworld.com/security/news/index.cfm?newsid=1798 Quote:
Quote:
Quote:
Quote:
Quote:
http://blogs.zdnet.com/security/?p=758 Quote:
|
Actually, I'm a strong proponent of Microsoft alternates. Over the years I've explored and tinkered with lots of non-MS stuff, whether it be programs or OS. I used to prefer WordPerfect and hated when I finally had to ditch it in favor of Office. I've had dual boot systems and VMWare with Linux. I've done research on other OSs and programs, and I've been using NetScape/Mozilla/Firefox since 1995 or 1996 whenever I got on the Internet except for a period of a few months where IE was actually better than Netscape way back in the early days.
I just get tired of hearing all of the "Superior" Mac folks trying to make claims that don't really hold water. The other equalizer is that at least in the past, and I believe to this day, your hardware options in a Mac were regulated by Apple. By regulating what hardware you can put in the machine, you control a major factor in the stability wars. If you only have to program the OS/Apps for a small, relatively fixed set of factors, that's an easier job and should result in a more stable environment. With Windows, since any monkey can buy some chips, through together a sound card, modem, video card, etc.... and stick it in a PC with highly questionable drivers, the fact that Windows is and has been as stable as it is/was with pretty much infinite combinations of software hardware, is a miracle. |
Thank you Steve & Robb for some reality.
Ian |
There's probably not enough room on Wayne's servers to make a comparable "PC" post to the one above re OS X. :D
|
[QUOTE=masraum;4366117] I used to prefer WordPerfect and hated when I finally had to ditch it in favor of Office. [QUOTE]
Still have it. And QuatroPro. |
Quote:
|
I too, was a WordPerfect fan. Since the late 80s. I hated to change over but I was pretty well forced to due to Office. Lotus 123 also. I actually made money macroing that sucker for wage & benefit surveys etc for a while in the early 90s. CorelDraw was another fav & I still use it on occasion. And the list goes on . . .
Ian |
Quote:
For me to actually get a virus (I cannot since apple released a bunch of security updates for the above, plus the built in firewall works well), I actually have to think it is a piece of software I want to actually install (I have to type in my username and password, hit continue a few times, and click on the hard drive I want to install to). I think this is very different from just opening a sketchy .exe file. I'll take anything UNIX based over windows ANY day. Don't get me wrong, Windows works very well when it is NOT plugged into a network. |
Hey, I just had fun setting the hook; I knew someone would go off.
That's definitely some interesting reading, for sure.SmileWavy Feeling that you're "superior" because of something like a computer is silly. Next thing you're going to tell me that some people believe they're 'superior' because of . . . . I don't know . . . . the cars they drive or something. |
edit: Are you aware that Windows NT has a POSIX subsystem? And that technically Windows NT could be certified as UNIX, were MS to submit it for testing? Oh I'm sure it wouldn't pass as-is, and would need some development, but nonetheless. And you're aware that Apple didn't even WRITE OS-X? It's based off the BSD kernel, which was developed at Berkley. Actually it's based off NeXTSTEP, which uses a modified Mach derived BSD kernel. Are you aware of the HUGE similarities between Windows NT and DEC/Compaq VMS/OpenVMS? Did you know that Dave Cutler, lead engineer for Dec, left DEC for Microsoft, with 20 engineers and developers in tow to work on NT, and that they are internally very similar? Or that NT was written to be processor/platform independent, and in fact, is? NT has run on more platforms than Mac OS -any-revision ever has.
NT is awesome. You want to ***** about virus, bad software, stuff crashing, crappy drivers, blame third party vendors because your beef lies there. Blame hacky, crappy developers who can't figure out how to write software that doesn't require Administrator access, doesn't have to write to NT system folders, and can't figure out how to open Registry keys in Read Only mode. Sorry for the rant, but people spouting off about which OS is better, and how anything UNIX based is the way to go in all cases, annoy the hell out of me. Mostly because they almost NEVER know what they're talking about. Disclaimer: I run Solaris 10 on my desktop, for general computing and software development. I run varies NT machines. And Plan9. No MS Fanboy-ism here. Quote:
|
Quote:
|
Quote:
I think the balls sailed clear off the monkey. |
Quote:
I wasn't trying to say which OS was better, I just wanted to point out how difficult it is to install something malicious on os x. |
As I mentioned in my post. Steve left Apple, started NeXT, which built NeXTSTEP off of a modified Mach 3.0 microkernel. Apple acquired rights to NeXT when the company folded.
Ok, so Apple wrote a (relatively small) portion of OS-X. I already admitted that. Pretty much "theirs" only by rights, not by development. But anyway... Microsoft did the whole UNIX, thing, too. Way before OS-X. Way before Windows, even. Microsoft XENIX. Further UNIX doesn't really mean anything anymore. There was a time when UNIX was actually the NAME of an Operating System. Now it's a certification that is given to Operating Systems whose companies pay lots of money to have tested to conform to UNIX standards by the company that owns the UNIX trademark. It's meaningless. An Operating System doesn't even have to be based off some original ATT UNIX code to be UNIX. As I mentioned, NT could be certified UNIX, that POSIX subsystem and what not. And, given that UNIX doesn't actually mean anything anymore, what's so great about UNIX? It's an antiquated, outdated model of computing, it's from the 60s! (Yes, I'm aware NT goes back about as far.) Nothing UNIX does is new, or revolutionary, as much as the OS-X and GNU/Linux fanboys wants it to be so. Plan9, by Bell Labs, now that is a modern, well thought-out OS design. Avoids a lot of mistakes UNIX made, and continues to make. But, alas, my only point here is that OS-X is not necessarily better than NT, and is certainly no better just because it's UNIX branded. You want to blame NT problems on someone, like I said, ***** at 3rd party developers, not MS. Off my soapbox now:) |
I can't have an attitude, I'm campless:-D
Quote:
|
I think the following is a realistic, reasonable and non-confrontational representation of OS X vs. Windows re viruses, with my emphasis in bold:
Quote:
Security through (relative) obscurity and BSD underpinnings do offer an advantage against pre-Vista Windows, regardless of whomever from wherever contributed to writing the OS and whether or not they kissed Steve's ring. While there may be an OSX "virus" (infects w/o user interaction) in the wild, I am not aware of it, although I am aware there are/have been trojans (infects with the help of user interaction). FWIW and not meant to inflame! I know people that I consider very close friends and have even had relations with women who use MSFT OSs, and we get/got along just fine! :D FWIW. |
Quote:
|
Man did you guys go off on a tangent, now get out of your mothers basement and go look at girls :p
Anyway several of my customers got hit with the exploit and we pushed Microsoft hard for a fix (as did several other countries). The real culprit is the end user as this was a user initiated exploit on the browser (you would have to go to a compromised site and it would exploit your browser) The fun began when the blackhats/script kiddies found out how easy it was to exploit, then we were seeing 4 year old malware start surfacing. It was pretty funny (not) Anyway patches have been tested and we found no issue with any browser based applications our clients run. MS has it in Windows update now so I would suggest updating your PC ASAP. Happy Holidays Steve and Bill.... |
| All times are GMT -8. The time now is 10:12 PM. |
Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2025, vBulletin Solutions, Inc.
Search Engine Optimization by vBSEO 3.6.0
Copyright 2025 Pelican Parts, LLC - Posts may be archived for display on the Pelican Parts Website