O.T. Serious flaw in Internet Explorer not fixed yet

Discussion of anything and everything relating to chess playing software and machines.

Moderator: Ras

Terry McCracken
Posts: 16465
Joined: Wed Aug 01, 2007 4:16 am
Location: Canada

O.T. Serious flaw in Internet Explorer not fixed yet

Post by Terry McCracken »

Posted: 12/15/2008 12:54:55 PM PST

http://www.siliconvalley.com/latesthead ... ck_check=1

Users of all current versions of Microsoft's Internet Explorer browser might be vulnerable to having their computers hijacked because of a serious security hole in the software that had yet to be fixed today.

The flaw lets criminals commandeer victims' machines merely by tricking them into visiting Web sites tainted with malicious programming code. As many as 10,000 sites have been compromised since last week to exploit the browser flaw, according to antivirus software maker Trend Micro.

The sites are mostly Chinese and have been serving up programs that steal passwords for computer games, which can be sold for money on the black market. However, the hole is such that it could be "adopted by more financially motivated criminals for more serious mayhem — that's a big fear right now," Paul Ferguson, a Trend Micro security researcher, said today.

"Zero-day" vulnerabilities like this are security holes that haven't been repaired by the software makers. They're a gold mine for criminals because users have few ways to fight off attacks.

The latest vulnerability is noteworthy because Internet Explorer is the default browser for most of the world's computers. Also, while Microsoft says it has detected attacks only against version 7 of Internet Explorer, which is the most widely used edition, the company warned that other versions are also potentially vulnerable.

Microsoft said it is investigating the flaw and is considering fixing it through an emergency software patch outside of its normal monthly updates, but declined further comment. The company is telling users to employ a series of complicated workarounds to minimize the threat.

Many security experts, meanwhile, are urging Internet Explorer users to use another browser until a patch is released.

———

On the Net:

Microsoft's advisory:

www.microsoft.com/technet/security/advisory/961051.mspx
Top
User avatar
Dr.Wael Deeb
Posts: 9773
Joined: Wed Mar 08, 2006 8:44 pm
Location: Amman,Jordan

Re: O.T. Serious flaw in Internet Explorer not fixed yet

Post by Dr.Wael Deeb »

Thanks Terry,an interesting and shocking stuff :shock:
_No one can hit as hard as life.But it ain’t about how hard you can hit.It’s about how hard you can get hit and keep moving forward.How much you can take and keep moving forward….
Top

Return to “Computer Chess Club: General Topics”