Stop Microsoft
All Things Microsoft => Microsoft as a Company => Topic started by: worker201 on 18 December 2008, 01:44
-
http://www.microsoft.com/technet/security/bulletin/MS08-078.mspx (http://www.microsoft.com/technet/security/bulletin/MS08-078.mspx)
They barely ever come out and say exactly what the flaw is or what it does, but this one seems to be pretty serious. It's a "publicly disclosed" vulnerability, which probably means it was first publicized on Slashdot or something, and it affects all versions of IE back to 5. Basically, if you're running Windows 2000 or later, you're affected.
In the FAQ section of the above document, they anticipate questions about older versions of IE. The response: "It should be a priority for customers who have older releases of the software to migrate to supported releases". Meaning "If you're using IE4, you're shit out of luck". Which is to be expected - I would laugh hysterically at anyone using IE4, even back when it was the current version.
-
It's a very old flaw. It's a buffer overflow exploit that allows the attacker to upload and run code on the affected machine.
Only later Windows running IE with limited privileges are "relatively safe."
The flaw is the one I mentioned in another post about Homer Simpson and the zombie network. It is being widely used now to steal passwords and such, so MS was pressured to fix it immediately.
-
yet its firefox that gets to be tops in the list of unsecure software, typical, anyone running IE is a nut, the only thing I use it for is for BBC's iplayer because it dosen't seem to run on firefox and not even IE-64, I've already given them a peice og my mind and got the expected no reply
-
Welcome. I wouldn't say firefox makes t he top of every unsecure list, but many websites count firefox's vulnerabilities multiple times because it is multi-platform.
-
It only figures M$ would take this long to fix something...
-
All the way back to Internet Explorer 5? That surprises me, even for Microsoft, and considering it was reported that this problem only affected versions 7 and 8. I'm thinking that this flaw is also why the browser often stops responding when it is used for long enough?