IDN Forums - Internationalized Domain Names  
Home | idntools | Advertise on idnforums | Premium Membership

Go Back   IDN Forums - Internationalized Domain Names > IDN Development > Browser, Mobile & Software

Browser, Mobile & Software Discussion of IDNs & browsers such as Microsoft IE, mobile cell phones, or other software

Reply
 
LinkBack Thread Tools Display Modes
  #1 (permalink)  
Old 31st March 2006, 10:39 PM
sarcle's Avatar
Senior Member
 
Join Date: Oct 2005
Location: Planet Earth
Posts: 3,717
iTrader: (22)
Rep Power: 1714
sarcle will become famous soon enoughsarcle will become famous soon enoughsarcle will become famous soon enoughsarcle will become famous soon enoughsarcle will become famous soon enoughsarcle will become famous soon enoughsarcle will become famous soon enough
Hackers attack IE6

Quote:
Hackers have posted a new version of malicious software that will make it easier for them to exploit an unpatched vulnerability in Microsoft's Internet Explorer (IE) browser. Based on a critical bug disclosed on March 22, the software was posted by hackers Friday to the Milw0rm.com Web site.

The code exploits a flaw in the way IE processes Web pages using the createTextRange() method. Hackers have been using malware that takes advantage of this vulnerability to install unauthorized software on victims' computers over the past week, but this new generation is considered to be more dangerous, according to security researchers.

Older versions of the malware could freeze victims' browsers for more than a minute, giving them an opportunity to shut down their computers or stop the malicious software before it could complete its work. But the new software works more quickly, meaning it will be particularly effective on older machines with limited memory and processing capabilities, said Craig Schmugar, researcher with McAfee Avert Labs.

Though hackers had not widely adopted the new software as of Friday morning, Schmugar said he expected that to change. "It's still pretty early," he said. "I think it's reasonable to expect that people will shift."
The software also uses new techniques to avoid certain types of signatures used by anti-virus vendors, said Aviv Raff, a security researcher based in Israel. "It's much more effective," he said. "I think people should know and understand that ... now they are more vulnerable."

The fact that the code was released just before the weekend is also worrisome, because it means that "administrators have to wait for Monday to apply their protections and to give warning to users," said Juha-Matti Laurio, a security researcher in Helsinki.

With a fix for the problem expected as late as April 11, the date of Microsoft's next scheduled security update, security companies Determina and eEye Digital Security issued unsupported patches for the problem. According to eEye, there have been more than 70,000 downloads of its software since its Monday release.

Microsoft does not recommend that users install these patches. Instead, it recommends that users disable IE's Active Scripting feature as a work-around.

Despite the severity of the TextRange() bug, McAfee says that the malware that takes advantage of it is not particularly widespread. This software at present ranks No. 13 in McAfee's list of the top 20 pieces of malware being reported, Schmugar said.
http://www.networkworld.com/news/200...e-malware.html

Just a question. Can Microsoft be held liable for allowing this to go unprotected when other companies have already built a patch for the problem? Especially when Microsoft has a better version of the browser that is unaffected by these problems available.
__________________
I can hear the death rattle of fiat from here...
Reply With Quote
  #2 (permalink)  
Old 1st April 2006, 03:51 AM
Veteran
 
Join Date: Feb 2006
Posts: 7,495
iTrader: (65)
Rep Power: 2664
blastfromthepast will become famous soon enoughblastfromthepast will become famous soon enoughblastfromthepast will become famous soon enoughblastfromthepast will become famous soon enoughblastfromthepast will become famous soon enoughblastfromthepast will become famous soon enoughblastfromthepast will become famous soon enoughblastfromthepast will become famous soon enoughblastfromthepast will become famous soon enough
Re: Hackers attack IE6

I wish they would just tell people: upgrade to the beta version.
Reply With Quote
  #3 (permalink)  
Old 1st April 2006, 11:33 PM
sarcle's Avatar
Senior Member
 
Join Date: Oct 2005
Location: Planet Earth
Posts: 3,717
iTrader: (22)
Rep Power: 1714
sarcle will become famous soon enoughsarcle will become famous soon enoughsarcle will become famous soon enoughsarcle will become famous soon enoughsarcle will become famous soon enoughsarcle will become famous soon enoughsarcle will become famous soon enough
Re: Hackers attack IE6

Quote:
Quote:
A new twist on the existing exploit of Internet Explorer's zero-day vulnerability has slashed the time it takes to compromise a computer, a security company claimed Friday.
As of mid-afternoon Friday, Microsoft had not pushed out a patch for the IE flaw, but users had other options to defend themselves, including disabling the browser's Active Scripting feature, installing one of two third-party fixes, or switching to another Web browser, such as Firefox.
Microsoft is telling people to switch to firefox? Didn't we have a discussion on that a few days ago.

I love the one about disabling the brower's Active Scripting. What a joke. My mom knows how to open the browser and type in yahoo and that's it.
__________________
I can hear the death rattle of fiat from here...
Reply With Quote
  #4 (permalink)  
Old 2nd April 2006, 03:02 PM
Veteran
 
Join Date: Feb 2006
Posts: 7,495
iTrader: (65)
Rep Power: 2664
blastfromthepast will become famous soon enoughblastfromthepast will become famous soon enoughblastfromthepast will become famous soon enoughblastfromthepast will become famous soon enoughblastfromthepast will become famous soon enoughblastfromthepast will become famous soon enoughblastfromthepast will become famous soon enoughblastfromthepast will become famous soon enoughblastfromthepast will become famous soon enough
Re: Hackers attack IE6

Quote:
Originally Posted by sarcle
Microsoft is telling people to switch to firefox? Didn't we have a discussion on that a few days ago.
This is great.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT. The time now is 01:05 PM.

Site Sponsors
Your ad here
buy idns
domain name lawyer
buy t-shirt
מחיר הזהב

Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.
Search Engine Friendly URLs by vBSEO 3.3.0
Copyright idnforums.com 2005

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54