Posted on 04/28/2014 7:13:12 AM PDT by JoeProBono
Hackers are already at work exploiting a newly discovered flaw in Microsoft’s Internet Explorer that has left more than half of the world’s Web browsers vulnerable to attack, including those on many federal government computers. Microsoft said it was aware of “limited target attacks” in a security advisory posted on Saturday. The flaw affects Internet Explorer versions 6 through 11. However, hackers are mostly targeting versions 9 through 11, according to the security firm FireEye, which discovered the flaw.........
(Excerpt) Read more at washingtonpost.com ...
You could try killing that iexplore.exe process and see if firefox still works.
You may have Firefox set up to use the IE rendering engine.
Executable (.exe) files are linked with libraries, which are collections of executable routines/procedures/functions.
If they are linked statically, at link time (when the programmer is generating the .exe), the libraries are searched for called routines, which then are copied out of the library by the linker and inserted into the .exe as it is being created. One winds up with a self-standing .exe that can run on it’s own.
If they are linked dynamically, on windoes the libraries have that .DLL file extension, i.e., the dynamic link library. The routines are not copied into the .exe as it is built by the linker, just references are inserted. The resulting .EXE, when a user installs it, must at run time be able to find a DLL on the user’s machine in order to resolve the references and call the routines in the DLL.
It would be possible for firefox.exe to cause iexplore.exe to start when it starts (through a system call to “exec” another program), that would not be the normal way to invoke shared functionality.
The normal way to share functionality would be to put the shared routines into DLLs, thus, there would be no need to start up iexplore.exe in that case.
Oh, a more specific answer to your question:
I’ve used Firefox on Windows PCs and never seen it cause iexplore.exe to start up.
That being said, it’s been a few years since I’ve done so, and I’ve never gotten into Firefox addons/plugins much, other than basics like flash player. Addons can do all sorts of things.
You may have something “going on there”, may have something to do with what’s installed on your pc, how it’s configured. Of course, can’t rule out malware either, without knowing.
OOPS.
I meant explorer.exe
BTW, MS has decided to release a FIX for this bug for WINDOWS XP users.
http://www.paretologic.com/resources/paretolabs/exe/explorer_exe.aspx
You’ve got windows explorer open.
That’s the thingie that one uses to browse the files on one’s PC.
explorer.exe is not Internet Explorer...it’s the service that drives the Windows user interface of your computer (the start menu and such). You disable that and you don’t have many options for doing much of anything whether it’s using a web browser or any other application.
Apparently explorer.exe is associated with various vulnerabilities.
just google
explorer.exe vulnerability
it’s the service that drives the Windows user interface of your computer (the start menu and such). You disable that and you don’t have many options for doing much of anything whether it’s using a web browser or any other application.
Thanks to both of you for your responses.
I agree with your information, but...
It is , then, Windows Explorer that has the 'bug', and it is common to all Windows XP users. MS is even releasing a 'fix' to Windows XP for the problem.
My description of Firefox sitting on top of or being a mask for IE may be a clumsy way to describe it, but it would still seem that Windows itself is the problem.
I don't understand how the base engines of IE and FIREFOX can be any different, as they both must use the same commands to access the internet.
It's not the bleeding edge, by any means, but it's stable and reliable. The less blood, the better.
Yes, windows has a lot of vulnerabilities. Historically, there releases were always particularly unpleasant, differing from pre-release versions, etc. IMHO, its was a low quality that was intentional, as users having difficulties motivated them to always want the next upgrade.
Regarding differences in Firefox/IE, the network interface is similar. Fundamentally, it’s open a network socket, read, write, close, in some fashion or another.
But then the HTML pages that are read in have to be “rendered”, i.e., displayed in your browswer window.
The browser is just an application, a .exe, an executable program, like any other, it opens up a window (what you see when it runs) and displays things in that window.
Both operating systems need window management services that keep programs confined to displaying only in their own window, call the application to redisplay when a window is uncovered by another window, etc.
Those displays on Linux call XWindows libraries which communicate with an XServer running on top of the operating system per se. It’s historically typical for servers running in data centers to not have X running or even installed. User PCs, of course, come with X starting up by default.
Those displays on Windows call Windows system libraries.
There are libraries/toolsets available that have been ported to (have a version for) both OSs, so, in theory, the application programmer writes only one version of his app using the toolset, just recompiling on each platform. Of course, then you’re tied in to how THAT library works, and you need to adapt your code to IT’S upgrades.
I don’t even know what Firefox and IE do for display/rendering; it’s far too much for me to keep track of !
Both windowing systems basically do the same thing, e.g., open a window, display bits and bytes, etc., but it’s like Ford/Chevy, they have their own programming interface.
The application programmer, in this case of Firefox, to be efficient, tries to keep the logic that’s common to both platforms identifiable/separate, and the logic that’s specific to each platform also identifiable/separate.
The big thing that’s the same in this case, of course, is interpreting the HTML. They have the same input data to deal with, well, other than MS HTML extensions that have yet to be accepted by the non-MS world.
In the old days, platform specifics were largely isolated into separate source code files; this is still true/possible with a lot of caveats, depending on how one designs.
With all respect, FRiend and fellow FReeper, it seems your understanding of how browsers and such work is fairly limited. There's no reason whatsoever for ANY commonality in the code that makes up IE and Firefox, or any other browser, for that matter.
Think automobiles. They all have to drive down the same roads, make the same turns, etc. But does that mean that they have to use the same type of components? Sure they have to have engines, tires, gas tanks, etc. but they're not at all the same. A manufacturing flaw in a Toyota brake system doesn't affect a Ford, and vice versa.
Same thing with browsers. Just because they have to use the same protocols over the internet, doesn't mean they have to be the same under the hood.
This flaw was in Internet Explorer browser code, not any of the base operating system code of Windows.
Is Pale Moon any good?
Thanks!
I don't think so Tim. Internet access is "built in" to Linux but not necessarily a "browser". In Linux you can download most new or updated apps from the command line and in fact you can install a fresh distro which may include no browser at all and populate your system with all kinds of software without viewing a single page of rendered html code.
That is what a "browser" such as IE does and though I can, in Linux, use a graphical browser to go to a website and click on links to download and install various software packages by that method, most of the time the latest architecture specific version of that package will already reside in my distro's repository for fast and easy access.
Say I don't have a browser and I want to install one, I can open a terminal and furnish my root or superuser credentials and simply type "yum install firefox" and my system will populate itself with the latest tested version lickety split with no wasted bandwidth, annoying popups, checkmarks to uncheck to say I don't want extra adware or malware, or any of that.
The underlying code which does that (Yellowdog Updater, Modified) is compact and purpose built (the tarball is barely one megabyte) and in no way resembles the bloat and vulnerability laden monstrosity known as Internet Explorer.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.