Posted on 09/19/2006 5:36:00 PM PDT by Eagle9
An unpatched vulnerability in all editions of Microsoft's Internet Explorer browser is being exploited, security researchers said Tuesday, with the attack dumping a broad range of adware, spyware, and Trojans onto PCs whose users simply surf to an infected or malicious site.
First reported by Sunbelt Software -- although rival Internet Security Systems claimed it was the first to discover the bug -- the vulnerability is in how IE renders VML (Vector Mark-up Language), an extension of XML that defines on-the-Web images in vector graphics format. The previously unknown -- and thus unpatched -- bug inside IE is already being used by attackers.
So far, said Eric Sites, vice president of research and development at Sunbelt, the exploit has shown up on hardcore porn sites, which are serving a buffet of badware to users who visit those sites.
"First they were pushing Virtumondo adware," said Sites, "but by late afternoon yesterday, these sites were distributing more than 40 different types of malware, including keyloggers, adware, and backdoors."
The new exploit seems to have a connection to WebAttacker, an multi-exploit attack "kit" created by a Russian group that sells for as little as $15 to $20. "We think that this new exploit is inside a new [version of the] kit," said Sites. "If that's true, then it will end up all over the place."
Sites said he expects that the exploit will migrate to one of the so-called "iframe cash" sites -- the term comes from the iframecash.biz site -- which use affiliates to push unpatched exploits to a large number of other Web sites, some of which are legitimate addresses whose servers have been previously compromised.
"This could end up being in lots
(Excerpt) Read more at techweb.com ...
Well, I must be the only dinosaur here.
I use IE and am running WIN98.
I have no problems at all.
However, I use my daughter's computer at times.
She has XP, and three children.
Their computer is a mess.
I will use this computer, and WIN98, until they die.
I'm happy, but I must be the most boring person on
the internet...lol.
Clinton Tells Another Lie
Muslims Blame Another Problem on US, Israel
Sun Rises In East Again
Exactly what I do too! :)
Sorry. I do not have that problem with Firefox with any web-email, from any of the ISPs with which I am using their web-email (my primary Email is automatically downloaded to my Thunderbird app on my PC, whenever I connect to the web.
So, I think your problem might be related to the particular ISP that you have your web-email with, their web-email pages and something they have done in an MS-IE-specific manner.
Did you check the date on the uninstall.exe file. Is that date the same as the install date for the 1.5.07 version, or is it earlier?
Have you tried the basic Win add/remove programs app?
I'm with you on Win 98, but I did switch to Firefox a couple years ago and found that IE had been making my DSL seem alot slower than it actually was. Now my Win 98 with Firefox does faster downloads than my neighbor's cable-modem. Part of the reason may be that Firefox is a smaller leaner app than IE, 'cause it was not "re-engineered" to "bundle" with the MS-Win-OS.
Ummm, you do realize that Netscape is built on Mozilla? I have not found any site that supports Netscape, limiting access to my Firefox.
Have you actually tried using Firefox on your bank site, or did you just take their supported browsers at face value? I access both BankOne/Chase and Nat.'l City websites just fine with Firefox.
I have tried using Firefox on my bank site. It gives me a message that the browser is not supported.
Is javascript turned on? You might get that message if it isn't, and most on-line banks require it.
Now surfing with JS turned off is smart, and it is a pain to have to go back and enable it when needed and then turn it off again when you're done. That's why the Firefox extension "NoScript" is so great. You can globally deny JS, and then selectively allow it for certain sites (every time you visit), such as on-line banking w/out having to go through all the hassle.
I downloaded again and reinstalled and the entry is back in add/remove programs. Thanks for your help.
Does anyone still use Internet Explorer?
I've tried Firefox, too.
It doesn't seem to make a
difference, speedwise, with
my cable.
Like a good conservative,
I'm not partial to change. ;o)
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.