Free Republic
Browse · Search
News/Activism
Topics · Post Article

Skip to comments.

Secunia warns of flaws in IE
Earthtimes.org ^ | 2005-01-08 | Chaney. R

Posted on 01/08/2005 9:48:47 AM PST by holymoly

Disable Internet Explorer Active X support, turn off the "drag-and-drop" or "copy-and-paste files" option across a domain, or switch to another Web browser unless you want to face a Hack attack on your PC, warns the security firm Secunia. They have discovered three very critical flaws in the IE and have issued security notice on its website.

The company has rated the flaw as of a very high risk nature and has said that this is their last warning for people to secure their data. “The flaw affects IE 6, and can enable hackers to run pornographic dialers to be dialed from the user’s computer without their knowledge” said Thomas Kristensen, Secunia's chief technology officer. He said that only those flaws that can let someone manipulate user’s machine without user’s intervention get such high rating.

Even PCs with Microsoft's Service Pack 2 patch are vulnerable to be attacked.

The company has also said that Microsoft has been aware of this flaw for at least two months now but they have not yet come up with a security patch. The exploit code for one of the three vulnerabilities, a flaw in an HTML Help control, was already published on the Internet on Dec. 21.

Commenting on this Microsoft officials said that an incomplete patch can at times be worse than no patch at all. They want to thoroughly test the patch and it should be well engineered. This will take sometime

These flaws have made a big dent in Microsoft’s already battered image when it comes to security.


TOPICS: News/Current Events; Technical
KEYWORDS: acivex; activex; browser; computersecurity; danger; exploit; explorer; feature; flaw; ie; internet; microsoft; msie; security; warning
Navigation: use the links below to view more comments.
first 1-2021-31 next last
FYI:
Internet Explorer Privacy & Security Settings
Tips for securing (hardening) Microsoft Internet Explorer, Versions 4-6.  From the University of Illinois at Urbana-Champaign.  (Many images; Dial-up users be patient.)

Alternative browsers:
Mozilla & Firefox
Opera

For more PC security-related links, see my FR homepage.
1 posted on 01/08/2005 9:48:47 AM PST by holymoly
[ Post Reply | Private Reply | View Replies]

To: holymoly

And now Bill and the Gang want to charge you for their own spyware/antivirus fixes!!! They want you to subscribe to their program so they can charge you to fix their vulnerabilities. Is this a great country or what?!


2 posted on 01/08/2005 10:03:58 AM PST by Shady
[ Post Reply | Private Reply | To 1 | View Replies]

To: Temple Owl

ping


3 posted on 01/08/2005 10:04:48 AM PST by Tribune7
[ Post Reply | Private Reply | To 1 | View Replies]

To: holymoly

Disable Internet Explorer completely and use the Mozilla Firefox web browser.


4 posted on 01/08/2005 10:04:56 AM PST by xrp (Executing assigned posting duties flawlessly -- ZERO mistakes)
[ Post Reply | Private Reply | To 1 | View Replies]

To: ShadowAce; backhoe

tech bump


5 posted on 01/08/2005 10:06:55 AM PST by JoJo Gunn (More than two lawyers in any Country constitutes a terrorist organization. )
[ Post Reply | Private Reply | To 1 | View Replies]

To: JoJo Gunn

I already have moved to Mozilla...What a difference!


6 posted on 01/08/2005 10:11:34 AM PST by Shady
[ Post Reply | Private Reply | To 5 | View Replies]

To: holymoly

Microsoft's corporate culture made viruses, spyware and viruses the phenomenon they are today.

I refer to the determination among managers and supposedly genius-level, supposedly "responsible" employees -- from the highest to the lowest -- to downplay and whitewash obvious problems in the evolving architecture. Their goal was to avoid saying anything that rocked the boat, in order to vest and cash out their stock options. That attitude influenced the company's judgment when developing IE and Active-X, and made today's situation possible.

Active-X should never have been let loose on the world in its present form; the "fixes" are small bandaids on a gaping security wound.

One of these days, AGs will grow balls and sue Microsoft for deliberately putting consumers at risk, by igoring obvious flaws in its products. The agreements that people must sign when installing a Microsoft product do not and should be allowed to exclupate Microsoft from deliberate negligence.


7 posted on 01/08/2005 10:12:46 AM PST by Tax Government (Boycott and defeat the Legacy Media. Become a monthly contributor to FR.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Tax Government

Correction: Microsoft's corporate culture made viruses, spyware and hacking the phenomena they are today


8 posted on 01/08/2005 10:22:06 AM PST by Tax Government (Boycott and defeat the Legacy Media. Become a monthly contributor to FR.)
[ Post Reply | Private Reply | To 7 | View Replies]

To: Shady

I pretty much have as well. Mozilla is far from perfect, (and still use IE for a couple of things), but the ad/popup blocking is worth its troubles.


9 posted on 01/08/2005 10:33:31 AM PST by JoJo Gunn (More than two lawyers in any Country constitutes a terrorist organization. )
[ Post Reply | Private Reply | To 6 | View Replies]

To: holymoly
Good post ... good web page ... good bookmark ... good guy ;)

Thank you

10 posted on 01/08/2005 10:37:30 AM PST by G.Mason (A war mongering, UN hating, military industrial complex loving, Al Qaeda incinerating American.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: holymoly
Re: Internet Explorer Privacy & Security Settings

"The nytimes.com domain is in my Trusted sites zone so that I can read The New York Times free every day (fantastic deal, I think). The free registration and cookie required to access the content at The New York Times web site are a modest "price" to pay for daily access to one of the world's great newspapers."

I do hope the information in this article from Eric L. Howes at the University of Illinois is better than the choices he makes in life. ;)

11 posted on 01/08/2005 10:51:07 AM PST by G.Mason (A war mongering, UN hating, military industrial complex loving, Al Qaeda incinerating American.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: G.Mason
Good post ... good web page ... good bookmark ... good guy ;)

Thank you


You're quite welcome. Glad you found some of it interesting/useful.
12 posted on 01/08/2005 11:00:52 AM PST by holymoly (Whatever)
[ Post Reply | Private Reply | To 10 | View Replies]

To: rdb3; Bush2000; ShadowAce; Nick Danger; Swordmaker

Pinging the techs.


13 posted on 01/08/2005 11:02:40 AM PST by Salo
[ Post Reply | Private Reply | To 1 | View Replies]

To: xrp

Is firefox web browser free?


14 posted on 01/08/2005 11:25:05 AM PST by processing please hold (Islam and Christianity do not mix ----9-11 taught us that)
[ Post Reply | Private Reply | To 4 | View Replies]

To: pbrown
Is firefox web browser free?

100% free. No strings attached. Just download, install, and surf the Net.
15 posted on 01/08/2005 11:26:41 AM PST by holymoly (Whatever)
[ Post Reply | Private Reply | To 14 | View Replies]

To: holymoly

After reading this I did a quick check and found that I had one entry under my trusted sites: http://free.aol.com

I never put this under trusted. Did it get there from the IE sp2 etc...? Or it it there because AOL uses IE?

I don't have AOL as a provider.

I'm removing the entry now.

Most curious


16 posted on 01/08/2005 11:29:45 AM PST by SirChas
[ Post Reply | Private Reply | To 1 | View Replies]

To: holymoly

Thank you.


17 posted on 01/08/2005 12:51:57 PM PST by processing please hold (Islam and Christianity do not mix ----9-11 taught us that)
[ Post Reply | Private Reply | To 15 | View Replies]

To: xrp

I'm not computer savvy, how does one disable IE? I do have Firefox downloaded, but it didn't seem to work as well with the accelerator on my ISP (earthlink). Any help appreciated!


18 posted on 01/08/2005 12:56:04 PM PST by Annie03
[ Post Reply | Private Reply | To 4 | View Replies]

To: Annie03
I'm not computer savvy, how does one disable IE?

You can't disable it, per se. All you can really do is increase the various security settings, disable ActivX, etc. If you want to know more, I posted a link earlier with tips towards securing (hardening) MSIE.
19 posted on 01/08/2005 2:29:29 PM PST by holymoly (Whatever)
[ Post Reply | Private Reply | To 18 | View Replies]

To: holymoly

Thanks :)


20 posted on 01/08/2005 2:55:12 PM PST by Annie03
[ Post Reply | Private Reply | To 19 | View Replies]


Navigation: use the links below to view more comments.
first 1-2021-31 next last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson