• Welcome to the LegalBeagles Consumer and Legal Forum.
    Please Register to get the most out of the forum. Registration is free and only needs a username and email address.
    REGISTER
    Please do not post your full name, reference numbers or any identifiable details on the forum.

Internet Explorer security flaw

Collapse
Loading...
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Internet Explorer security flaw

    Page last updated at 09:20 GMT, Tuesday, 16 December 2008
    E-mail this to a friend Printable version
    Serious security flaw found in IE


    Internet Explorer is used by the vast majority of the world's computer users

    Users of Microsoft's Internet Explorer are being urged by experts to switch to a rival until a serious security flaw has been fixed.
    The flaw in Microsoft's Internet Explorer could allow criminals to take control of people's computers and steal their passwords, internet experts say.
    Microsoft urged people to be vigilant while it investigated and prepared an emergency patch to resolve it.
    Internet Explorer is used by the vast majority of the world's computer users.

    It's a shame Microsoft have not been able to fix this more quickly


    Darien Graham-Smith
    PC Pro magazine



    Q&A: Stay safe online

    "Microsoft is continuing its investigation of public reports of attacks against a new vulnerability in Internet Explorer," said the firm in a security advisory alert about the flaw.
    Microsoft says it has detected attacks against IE 7.0 but said the "underlying vulnerability" was present in all versions of the browser.
    Other browsers, such as Firefox, Opera, Chrome, Safari, are not vulnerable to the flaw Microsoft has identified.
    Browser bait
    "In this case, hackers found the hole before Microsoft did," said Rick Ferguson, senior security advisor at Trend Micro. "This is never a good thing."
    As many as 10,000 websites have been compromised since the vulnerability was discovered, he said.
    "What we've seen from the exploit so far is it stealing game passwords, but it's inevitable that it will be adapted by criminals," he said. "It's just a question of modifying the payload the trojan installs."

    MICROSOFT SECURITY ADVICE
    Change IE security settings to high (Look under Tools/Internet Options)
    Switch to a Windows user account with limited rights to change a PC's settings
    With IE7 or 8 on Vista turn on Protected Mode
    Ensure your PC is updated
    Keep anti-virus and anti-spyware software up to date

    Said Mr Ferguson: "If users can find an alternative browser, then that's good mitigation against the threat."
    But Microsoft counselled against taking such action.
    "I cannot recommend people switch due to this one flaw," said John Curran, head of Microsoft UK's Windows group.
    He added: "We're trying to get this resolved as soon as possible.
    "At present, this exploit only seems to affect 0.02% of internet sites," said Mr Curran. "In terms of vulnerability, it only seems to be affecting IE7 users at the moment, but could well encompass other versions in time."
    Richard Cox, chief information officer of anti-spam body The Spamhaus Project and an expert on privacy and cyber security, echoed Trend Micro's warning.
    "It won't be long before someone reverse engineers this exploit for more fraudulent purposes. Trend Mico's advice [of switching to an alternative web browser] is very sensible," he said.


    This could be the moment when the minnows in the browser wars finally score a significant victory


    Rory Cellan-Jones
    BBC technology editor



    Read the dot.life blog in full

    PC Pro magazine's security editor, Darien Graham-Smith, said that there was a virtual arms race going on, with hackers always on the look out for new vulnerabilities.
    "The message needs to get out that this malicious code can be planted on any web site, so simple careful browsing isn't enough."
    "It's a shame Microsoft have not been able to fix this more quickly, but letting people know about this flaw was the right thing to do. If you keep flaws like this quiet, people are put at risk without knowing it."
    "Every browser is susceptible to vulnerabilities from time to time. It's fine to say 'don't use Internet Explorer' for now, but other browsers may well find themselves in a similar situation," he added.
    Dragging myself and my family back into the light with the help of Beagles.

    My Hardship Claim
    Me VS Abbey Win
    BIL HSBC Credit Card
    BIL EGG
    BIL HSBC Loan
    BIL PPI Win





  • #2
    Re: Internet Explorer security flaw

    I hate IE and refuse to use it. I have long said that it contains too many security risks to your machine.

    I always recommend using Firefox

    Firefox web browser | Faster, more secure, & customizable
    Any opinions I give are my own. Any advice I give is without liability. If you are unsure, please seek qualified legal advice.

    IF WE HAVE HELPED YOU PLEASE CONSIDER UPGRADING TO VIP - click here

    Comment


    • #3
      Re: Internet Explorer security flaw

      *Yawn*
      Another day another scare.

      Notice the word COULD, not WILL.
      Talk about hedging your bets.

      As long as you practice Safe Surfing and ensure you are protected, you're all good.

      But, as Tools said, if you really want to be safer still DUMP IE and use Firefox (or others) as an alternative.

      Comment

      View our Terms and Conditions

      LegalBeagles Group uses cookies to enhance your browsing experience and to create a secure and effective website. By using this website, you are consenting to such use.To find out more and learn how to manage cookies please read our Cookie and Privacy Policy.

      If you would like to opt in, or out, of receiving news and marketing from LegalBeagles Group Ltd you can amend your settings at any time here.


      If you would like to cancel your registration please Contact Us. We will delete your user details on request, however, any previously posted user content will remain on the site with your username removed and 'Guest' inserted.
      Working...
      X