Microsoft Browser Holes Lead to AIM, Dial-Up Attacks

Reuters ^ | 09-26-03

[sigSEGV]

They've known about these things for months.

http://www.pivx.com/larholm/unpatched/

Bottom line: Don't use IE for anything you value -- online banking, etc.

[upchuck]

Clearly, Micro$loth is screaming at it's customers, "DO NOT use Internet Explorer. It's full of bugs. Use another browser, such as Netscape, Mozilla, Opera, etc."

Humble Opera user for years.

[mfulstone]

#$%@itall, people!
Just use ZoneAlarm! it's free for personal use and cheap for corporate use.

[sigSEGV]

Zone Alarm won't stop exploits like these.

[kitkat]

BUMP

[amigatec]

Let me be the first to say it. This is why I use Linux!! Since I switched I have not had my homepage changed to a porn site, I have not had to worry about virus's, and I don't receive ANY spam, ZERO SPAM!!

I run a Linux firewall and the hits I receive everyday from blaster is off the scale!!

I agree with the writer of Blaster, Gates needs to stop making money and fix his software!!!

[Cicero]

These particular holes were patched quite a long time ago, for those who bothered to update.

But it may be a good idea to download and use DCOMbobulater from Gibson Research, because as the article points out, related exploits are still possible. Why not just turn DCOM off if you aren't on a company network that requires it?

[JOE6PAK]

Bottom line: Don't use IE for anything you value -- online banking, etc.

....AND TURN OFF THAT PORN!

[sigSEGV]

No. MS has only released partial fixes that don't address the underlying problems. This has nothing to do with the DCOM problems.

[boris]

Friends don't let friends use AOL.

[boris]

"Bottom line: Don't use IE for anything you value -- online banking, etc."

I was a confirmed Netscape user. Until it began crashing for no reason, bringing down the entire PC. I uninstalled it, downloaded a fresh copy, installed it. Same problem.

Eventually I reformatted the HD, installed a new copy of Netscape; same problem.

Querying Netscape "technical support" was like talking to the Sphinx, except that the Sphinx is more talkative.

Finally I threw up my hands, installed IE and have never had a problem.

Zone Alarm Pro, McAfee, and other tools keep me deloused; I install "critical updates" as they appear.

--Boris

[Publius6961]

or changing their settings in Internet Explorer to prompt them before a Web site downloads programs that can execute on their own, Toulouse said.

Wouldn't it be nice if instead of just making this statement the instructions for actually doing it were posted?

[Publius6961]

How many [!} keys have you got on your keyboard, anyway?

[EUPHORIC]

Zone Alarm is good. BlackIce is better and more configurable and co$ts a bit of change. Even if you use a software firewall the best choice is a good hardware firewall such as a personal SonicWall or Netgear unit. DOS attacks can lag down your TCP/IP stack so badly that it causes you many problems (even with the very best software firewall).

Ultimate solution is to have a good hardware firewall as your router AND a good software firewall on your server or workstation as a failsafe. I have both and both combined have protected me from every virus attack to date and DOS attacks fail miserably. I do a lot of IRC and with my Conservative opinions and big mouth I get a lot of them. :)

[Utilizer]

Oh, yeh; 'Opera' and 'AtGuard' are the way to go! No problems, nobody can get a response or even a cookie unless you specifically say they do, and NO malicious scripts rerouting you to Pr0n sitez or virus'Z infecting your machine.

[backhoe]

FREE PC PROTECTION: ( credit- Martin Fierro )

• Spybot S&D: Removes lurking spyware.
• AdAware: Removes lurking spyware.
• Bayden Systems Popup Popper: Blocks popup ads well in MSIE
• MailWasher: Good for pre-screening & bouncing SPAM
• AVG Anti-Virus Free Edition: Free anti-viral protection
• Windows Update: At least install the critical ones
• ZoneAlarm: Excellent Firewall
• SpywareBlaster - Prevent spyware from ever being installed!
• http://www.analogx.com/contents/download/system/sdefend.htm

 

[amigatec]

I probably have less (!) keys on my keyboard, than you have Trojans, virus's, and worms, in your computer.

People talk about all the problems with Windows, but keep using it. I fixed my problem.

I installed Linux, and I have never looked back!!

[JoJo Gunn]

For any readers who don't know what a "web bug" is, click on this link.

http://invite.ke2.informative.com/images/invite.gif

(The link is related to the "front door" at Virtual Dr., a computer help forum I sometimes frequent, and it's like a turnstile, telling the site owners how much site traffic there is). You'll open up a blank window. Right click, choose Select All, and if you squint you'll see a small dot in the top left corner.

That's all it takes, by the way, for a spammer wanting to know if your account is active, to know you opened up his sewagemail while on-line. It costs him no bandwidth. If you feel compelled no matter what to open up suspicious mail from just anyone, at least do it off-line.