Free Republic

If you use the Internet Explorer, Google Chrome or Apple Safari browsers to conduct PayPal transactions, now would be a good time to switch over to the decidedly more secure Firefox alternative. That's because a hacker on Monday published a counterfeit secure sockets layer certificate that exploits a gaping hole in a Microsoft library used by all three of those browsers. Although the certificate is fraudulent, it appears to all three to be a completely legitimate credential vouching for the online payment service. The bug was disclosed more than nine weeks ago, but Microsoft has yet to fix it. Monday's...

Swiss cheese browser gains extra hole Scallywags are using an unpatched vulnerability in an ActiveX component to distribute malware, Microsoft warned on Monday. The development adds to already pressing unresolved Internet Explorer security bug woes. No patch is available for the Office Web Components ActiveX security hole, although there are workarounds which can be automated for enterprise rollouts. The flawed component is used by IE to display Excel spreadsheets, greatly increasing the scope for mischief. Win XP and Win 2003 systems are particularly at risk, while the additional security controls in Vista cover Microsoft's modesty. Redmond said it's aware of...

The European Union charged Microsoft Corp. with new antitrust violations, reanimating a pursuit of the software giant that has already led to more than $2 billion in fines and has defined Europe's approach to policing big business. In the charges, delivered Thursday to Microsoft, the EU accuses Microsoft of "tying" its Web browser, Internet Explorer, to its Windows operating system in a move that allegedly stifles competition from other makers of browsers. The action, which revives issues at the heart of a U.S. antitrust case a decade ago, comes more than a year after Microsoft Chief Executive Steve Ballmer effectively...

Microsoft Corp. is taking the unusual step of issuing an emergency fix for a security hole in its Internet Explorer software that has exposed millions of users to having their computers taken over by hackers. The "zero-day" vulnerability, which came to light last week, allows criminals to take over victims' machines simply by steering them to infected Web sites; users don't have to download anything for their computers to get infected, which makes the flaw in Internet Explorer's programming code so dangerous. Internet Explorer is the world's most widely used Web browser. Sponsored Links (Ads by Google) Security for Your...

Excerpt - Google have announced plans to take on Microsoft and Firefox with their own open-source browser, codenamed Chrome, by releasing a specially drawn comic by Scott McCloud explaining the app. Based on the existing Webkit rendering engine, Chrome will integrate not only tab-based browsing but Google Gears and a newly integrated search and address system called Omnibox. ~ snip ~

Microsoft released a web browser on Wednesday that includes a feature that could affect the advertising model of internet rivals such as Google.

 « View all web results for SiteMeter Web Sites Using SiteMeter Are Crashing with Internet ExplorerWired News - 2 hours ago By Kim Zetter August 02, 2008 | 4:23:19 AMCategories: Glitches and Bugs A number of web sites that use SiteMeter tracking code to monitor the number of ... Attention Sitemeter Users: Your Site is DownMashable, CA - 3 hours ago Because they use SiteMeter, a popular free traffic metrics utility. As of this moment, there hasn’t been any official statement from SiteMeter via their ... SiteMeter causing blogs and websites to crash in Microsoft's ...Northwest Progressive Institute Official Blog, WA - 7 hours ago...

EU leaders tread carefully ahead of Irish treaty vote By Yacine Le Forestier AFP - Thursday, May 29 06:31 pm   European Commission Chairman Jose Manuel Barroso smiles on May 22, 2008. With a potentially perilous European treaty referendum approaching in Ireland, EU leaders are doing their utmost to avoid any sensitive issues that might encourage a "No" vote and spark a new crisis.     BRUSSELS (AFP) - With a potentially perilous European treaty referendum approaching in Ireland, EU leaders are doing their utmost to avoid any sensitive issues that might encourage a "No" vote and spark a new...

SEATTLE (AP) - Microsoft Corp. (MSFT) (MSFT) gave early testers their first glimpse of its next-generation Web browser Wednesday, and said Internet Explorer 8 will adhere to the same standards as competitors' programs. Microsoft's browsers, including the current Internet Explorer 7, gained notoriety among Web developers for handling Web page code differently than Mozilla Corp.'s Firefox, Apple Inc. (AAPL)'s Safari, the now-defunct Netscape Navigator and others. For the most part, major non-Microsoft browsers and outside developers who built Web pages worked with agreed-upon technical standards, while Microsoft was accused of adding proprietary code to those standards. The result: Web pages...

NEW YORK (AP) - Netscape Navigator, the world's first commercial Web browser and the launch pad of the Internet boom, will be pulled off life support Feb. 1 after a 13-year run. Its current caretakers, Time Warner Inc. (TWX)'s AOL, decided to kill further development and technical support to focus on growing the company as an advertising business. Netscape's usage dwindled with Microsoft Corp. (MSFT)'s entry into the browser business, and Netscape all but faded away following the birth of its open-source cousin, Firefox. "While internal groups within AOL have invested a great deal of time and energy in attempting...

As is my wont, I'm going to do another of my periodic updates on the usage of Firefox by PCWorld.com visitors, as shown in our Web analytics numbers. And since 2007 is practically over, I'll expand my report to look at some other notable numbers, too. First, let's look at browsers... 2007 has seen the first full year of competition between Internet Explorer 7--Microsoft's first sorta-modern browser--and the upstart known as Firefox. IE7 has steadily grown in usage over the year, going from around 24 percent usage to 37 percent today. But despite some predictions that it would strike a...

Standards, standards, standards. That's the general theme of a video about the next version of Internet Explorer, which will unsurprisingly be called IE8. Details thus far have been scarce, but in a half-hour video with IE's GM Dean Hachamovitch and Architect Chris Wilson produced by Microsoft's Channel 9, the two discuss the importance of standards, compatibility and interoperability with the upcoming browser. We also get a (faraway) sneak peak at a development build of the new hush-hush browser. The key takeaway? IE will finally be able to render the Acid 2 test correctly, which has historically been one of the...

Hackers are actively exploiting a zero-day hole in RealNetworks’ RealPlayer media player, a software program installed on tens of millions of Windows computers worldwide. RealPlayer zero-day flaw under attack The in-the-wild attacks, which began late last night (October 18), targets a previously unknown and unpatched ActiveX vulnerability in the way RealPlayer interacts with Microsoft’s Internet Explorer browser. The flaw is causing drive-by malware downloads when an IE user simply browsers to a maliciously rigged Web page, according to an alert issued by anti-virus vendor Symantec. The issue affects an ActiveX object installed by RealPlayer, accessible over the web using Internet...

Orange County on steroids or Phoenix raised to an exponential power? That was one reaction to Wednesday's two-year study on job creation and retention by the Milken Institute that rated the Ontario-San Bernardino-Riverside area No. 3 among 200 large U.S. metropolitan areas. The Inland Empire trailed only Ocala, Fla., and Wilmington, N.C., two metro areas in low-tax, high-growth states, and was the only California entity in the top 15. "This study shows that this area is an economic powerhouse and will remain one for the next several decades," Ontario City Manager Greg Devereaux said. "This area is Orange County from...

In a public mea culpa, Mozilla Corp.'s chief security officer acknowledged today that Firefox includes the same flaw that the company called a "critical vulnerability" in Internet Explorer during a two-week ruckus over responsibility for a Windows zero-day bug. "Over the weekend, we learned about a new scenario that identifies ways that Firefox could also be used as the entry point," said Window Snyder of Mozilla. "While browsing with Firefox, a specially crafted URL could potentially be used to send bad data to another application. "We thought this was just a problem with IE," Snyder continued. "It turns out, it...

Steve Jobs at Apple Worldwide Developers Conferences announces - 11:10 am - Safari 3 on leopard...now runs on xp/vista Live transcript: http://www.macrumorslive.com/

Vulnerable 3rd-party component used by more than two-dozen vendors. A vulnerability within a software component used in more than 70 products could allow for an attacker to remotely run malware on a targeted system. The vulnerability lies in NCTAudioFile2.dll, an ActiveX component used by Internet Explorer. An attacker could use a specially crafted web page to exploit the vulnerability and take control of a system, warned Danish security firm Secunia. The component is made by Online Media Technologies Ltd., a UK-based firm that produces .net and ActiveX components for developers. The company said its clients include AT&T, Dell, and Intel....

People may be passionate about their favorite sports team, but if you really want to get them fired up, ask what Web browser they use. There's the "if it ain't broke, don't fix it" crowd who tend to stick with the browser that's included with their operating system -- Microsoft's Internet Explorer on Windows and Apple's Safari on the Mac. There are the "I've just gotta be me" folks who prefer lesser-known browsers, such as Opera from Opera Software. And there are the "live free or die" open-source true believers who champion Mozilla's Firefox above its commercial counterparts. Then there...

Microsoft on Wednesday launched the first major update to Internet Explorer in five years, and posted the new browser for Windows XP to a download site. IE 7, which has was announced in February 2005 by chairman Bill Gates, has been touted by the company as a significant update in the areas of security and usability. The interface has been streamlined and tabs have been added to compete with rivals such as Mozilla's Firefox and Opera's flagship browser. On the security front, IE 7 adds anti-phishing defenses as well as additional features to control ActiveX controls, which historically have been...

Microsoft on Tuesday broke with its regular security update schedule for only the second time this year to issue a patch for a critical Internet Explorer vulnerability that's been exploited for more than a week. MS06-055 provides a fix for the flaw in IE 5.01 and IE 6.0, Microsoft said in the accompany bulletin, and should be applied immediately. The Redmond, Wash. developer pegged the bug as "Critical," its most dire warning, for editions of IE running on Windows 2000, Windows XP, and Windows Server 2003 machines. Windows Server 2003 SP1 is at slightly less risk. "An attacker who successfully...

Exploits against the unpatched vulnerability in Microsoft's Internet Explorer are increasing and attackers are gathering momentum, researchers said Thursday. They warned that the problem would become worse if cyber criminals attack via e-mail next. "It might come to nothing, but it feels like a storm's coming," said Roger Thompson, the chief technology officer at Exploit Prevention Labs. "The potential is there. Call it a storm watch, not a storm warning." At least two different exploits have appeared this week, said Thompson, one linked to the Russian-made hacker exploit kit called WebAttacker, the other posted early Thursday on the xSec gray-hat...

Miscreants are using an unpatched security bug in Internet Explorer to install malicious software from rigged Web sites, experts warned Tuesday. The vulnerability lies in the way IE 6 handles certain graphics. Malicious software can be loaded, unbeknownst to the user, onto a vulnerable Windows PC when the user clicks on a malicious link on a Web site or an e-mail message, several security companies said. "Fully patched Internet Explorer browsers are vulnerable," Ken Dunham, director of the rapid response team at VeriSign's iDefense, said in an e-mailed statement. "This new zero-day attack is trivial to reproduce and has great...

Although Microsoft has acknowledged that in-the-wild exploits are taking advantage of an unpatched flaw in Internet Explorer, the developer has not committed to cranking out a fix before next month's regularly-scheduled update on Oct. 10. Users who want to protect themselves now, however, do have options. Disable the vulnerable .dll: In the security advisory posted yesterday, Microsoft suggested that users can disable the vulnerable "Vgx.dll" from the command line. -- Click Start, choose Run, and then type -- regsvr32 -u "%ProgramFiles%\Common Files\Microsoft Shared\VGX\vgx.dll -- Click OK, then click OK again in the confirmation dialog that appears. To undo the command,...

An unpatched vulnerability in all editions of Microsoft's Internet Explorer browser is being exploited, security researchers said Tuesday, with the attack dumping a broad range of adware, spyware, and Trojans onto PCs whose users simply surf to an infected or malicious site. First reported by Sunbelt Software -- although rival Internet Security Systems claimed it was the first to discover the bug -- the vulnerability is in how IE renders VML (Vector Mark-up Language), an extension of XML that defines on-the-Web images in vector graphics format. The previously unknown -- and thus unpatched -- bug inside IE is already being...

Websense raises the alarm about a phishing Trojan that uses a new technique to cloak its activity. The Web security company said that the Trojan, which installs itself as an Internet Explorer helper object, waits for the user to enter information in specific Web site forms -- particularly online banking sites -- then zaps the stolen data back to the attacker. What's unique about the new Trojan, said Websense, is that it delivers that data via ICMP packets. Keylogging Trojans usually transmit purloined usernames and passwords via e-mail or a HTTP POST command. Both can be easily spotted. "Instead, this...

In a recent blog posting , Microsoft Internet Explorer (IE) Lead Program Manager Chris Wilson revealed many of the technical improvements that Microsoft will add to IE 7.0 for its final release. Almost all the improvements are related to bugs in IE's implementation of Cascading Style Sheets (CSS), an HTML-like technology that Web developers use to create Web sites. Many of these bugs aren't fixed in the currently available IE 7.0 Beta 1 release, Wilson noted. Wilson's post raises some serious questions about IE 7.0, not the least of which is this: If IE 7.0 Beta 1 doesn't include the...

After a brief period of little growth this spring, The Mozilla Foundation’s open-source Firefox Web browser is again gaining ground on Microsoft Corp.’s Internet Explorer (IE). In its latest study on Web browser usage, Netherlands-based OneStat.com said Sunday that Firefox gained 1.14 percent in June and is now used by 12.93 percent of surfers. That’s up from 11.79 percent who used Firefox in May, while IE use declined by 2.12 percent to 83.05 percent. “We thought that Firefox growth had slowed down,” said Niels Brinkman, a co-founder of OneStat.com. “It seems it’s increasing again. That’s a little bit of a...

Multiple security organizations warned Tuesday that Internet Explorer, Firefox, Mozilla, and SeaMonkey -- on Windows, Linux, and the Mac -- are vulnerable to a JavaScript bug that could allow a determined attacker to dupe users into giving up sensitive personal information such as credit card or bank account numbers and passwords. According to Symantec, which issued an alert late afternoon Tuesday, all versions of the Microsoft and Mozilla browsers could be used to harvest data through a JavaScript key-filtering vulnerability. "This issue is triggered by utilizing JavaScript 'OnKeyDown' events to capture and duplicate keystrokes from users," went the Symantec warning....

Researchers have identified an "insidious" threat affecting Yahoo Messenger. A self-propagating worm, named yhoo32.explr, installs a piece of software called 'Safety Browser' and then hijacks the Internet Explorer homepage, leading users to a site that puts spyware on their PCs. Because Safety Browser uses the IE icon to identify itself, users can easily mistake it for the legitimate Internet Explorer. This is the first recorded incidence of malware installing its own web browser on a PC without the user's permission, according to security firm FaceTime. The self-propagating worm spreads the infection to all contacts in Yahoo! Messenger by sending a...

Despite all the hoopla about the introduction of Windows Vista, the truth of the matter is that the new OS isn't due for at least another seven to nine months — and it will probably be even longer before most of us start adopting it. Meanwhile, we've still got to deal with Win XP. In order to make the waiting easier, we've decided to assemble the greatest tips in the history of Windows XP. Here you'll find the tips that give you the most bang for your buck; that are most useful in terms of security, functionality, and PC performance;...

Last month, security researcher HD Moore decided to write a simple program that would mangle the code found in web pages and gauge the effect such data would have on the major browsers. The result: hundreds of crashes and the discovery of several dozen flaws. The technique - called packet, or data, fuzzing - is frequently used to find flaws in network applications. Moore and others are now turning the tool on browsers to startling results. In a few weeks, the researcher had found hundreds of ways to crash Internet Explorer and, to a lesser extent, other browsers. In another...

Mozilla.org's open-source Firefox browser has grabbed 10 percent of the Web browser market. Data released yesterday by Web audience-measurement firm NetApplications.com show that just over 10 percent of users use the Firefox browser, up almost 2.5 percent from from February. Microsoft's Internet Explorer led all browsers with 84.7 percent of users in March, while Apple's Safari browser was third with 3.2 percent. Computerworld reports that "in the past year, Firefox has gained 3.3 percent share while introducing Version 1.5 of the browser with improved features. Internet Explorer has lost 3.9 percent as users wait for Internet Explorer 7, which boasts...

People are being warned about spam e-mails containing BBC News stories designed to trick them into visiting malicious websites. Cyber criminals are using the messages to exploit a recently discovered flaw in Microsoft's Internet Explorer. If users click on the link, they are taken to a fake website that installs a piece of software that can monitor online financial activity. People who receive the e-mails are advised to not follow the link. The alert, from security firm Websense, comes less than a week after security firms found three flaws in the popular browser. Spoof sites The new threat takes advantage...

A developers' version of Firefox 2.0 targeted for release Tuesday evening aims to test the back-end infrastructure supporting the browser's new bookmarks, or Places, functionality. Firefox 2.0 Bon Echo Alpha 1, designed to serve as a developer's and tester's preview, focuses on improving access and ease of use for Web site history and bookmarks, according to the Mozilla wiki. The Places functionality aims to consolidate user data formats, as well as improve the capabilities of Live Bookmarks. "The BonEcho Alpha 1 milestone is the first of many developer milestones on the path to Firefox 2," Mike Schroepfer, vice president of...

Microsoft plans to take the wraps off Internet Explorer 7 on Tuesday, releasing the new "preview" version of its Web browser to the general public for testing. The program, still a work in progress, will be available shortly for download from the Internet Explorer section of Microsoft's corporate Web site, the company said. The company, which began limited testing in July, had promised to deliver a public beta by the end of March. "The big update is that it's public," said Margaret Cobb, group product manager for Internet Explorer at Microsoft. "All previous releases were limited." The latest version works...

The minority of Mac users still browsing with Internet Explorer need to consider moving to another browser very quickly, as Microsoft plans to discontinue support for IE beginning Dec. 31. The news, which came in a statement on Friday, may not have come as a complete surprise to Mac users: Microsoft announced back in June 2003 that it was ending Mac support for IE. Microsoft has not upgraded the software in three years, leaving IE 5--rather than version 6, which is available for Windows--as the most recent version available to Mac users. While IE for Mac will continue to be...

Before all you anti-MS fanboys attack my setup let me first say I am an ASP/VB web developer for an online company and require IE and MS so save the firefox/mac posts for another day. On to the problem at hand... I got the automatic update last night on my XP pro system and now my IE acts very odd. It seems to open fine but it always opens a new window no matter how I try (ie. type in an addres, using favorites). The original window stays open but it doesnt allow any interaction with it. If I try...

Google was so concerned that a flaw in Microsoft's IE browser might compromise its toolbar technology it managed to fixed it within a few days of finding out about the problem. Microsoft, on the other hand, has known about the problem for six months and is promising that a patch might be available next Tuesday, possibly, maybe.

A security researcher in Israel has found a way to steal information from unwitting users of Google's desktop search tool by exploiting an unpatched flaw in Microsoft's ubiquitous Internet Explorer. There is a bug in the way the Web browser processes CSS rules, Matan Gillon wrote in a description of his hack posted on Wednesday. CSS, or Cascading Style Sheets, is a method for setting common styles across multiple Web pages. The Web design technique is widely used on many sites across the Internet.

Two new pieces of computer code that could be used in cyberattacks on Windows users were posted on the Web on Wednesday and Thursday. The exploit posted Thursday is another that could allow a remote attacker to gain complete control over a vulnerable computer. The code takes advantage of a flaw in a Windows component for transaction processing, called the Microsoft Distributed Transaction Coordinator. Microsoft addressed the flaw in security bulletin MS05-051 in October.

The release of a Trojan that exploits an unpatched IE hole has prompted speculation that Microsoft may release an emergency out-of-cycle security patch. The Delf-DH Trojan downloader uses an Internet Explorer vulnerability to infect unprotected Windows users who stray onto maliciously constructed websites. Delf-DH downloads other malware onto infected machines changing settings in order to monitor user activity and redirect surfers onto porn sites. The attack relies on a flaw in the way IE handles requests to the window() object, highlighted by proof-of-concept code last week and now used in anger by VXers. Even fully patched Windows 2000 and Windows...

"Wow, in just one day, Firefox 1.5 has already been downloaded more than 1.5 million times. That smashes our 1.0 first day downloads by half a million," said Dotzler in his blog. "If you haven't downloaded Firefox 1.5, get it while it's hot!" This demand appears to be continuing, according to a blog post from Chris Beard, the vice-president of products at Mozilla. "There are now more than two million people enjoying a better Web experience with Firefox 1.5. Demand continues to be high, greatly exceeding what we saw last year with the release of Firefox 1.0," said Beard. Firefox...

Microsoft acknowledged Tuesday that malicious software targeting an unpatched bug in Internet Explorer is on the loose, and urged users to run a complete system scan on its new Windows Live Safety Center -- which has a quirk of its own -- to detect and delete the code. In an update of a security advisory issued Nov. 21, Microsoft noted that both proof-of-concept code and an exploit are in circulation. The exploit can compromise PCs running IE on a host of the company's operating systems, including Windows 98, Windows Me, Windows 2000, and Windows XP. The bug, which was reported...

Browser competition hasn't been this fierce since the mid-1990s, and the fight is becoming even more intense as Microsoft, Mozilla, and Opera ready new versions of their software for release. With version 7 of Internet Explorer, Microsoft's developers have seriously overhauled the browser, giving it popular features such as tabbed browsing, as well as improved security, thus closing the gap between it and its rivals. But even though the new iterations of both Firefox and Opera bring mostly incremental changes, that's still enough to keep them ahead of IE.We took Internet Explorer 7 Beta 1, Firefox 1.5 Release Candidate 1,...

Firefox turned one year old Wednesday, marking yet another milestone for the popular open-source browser. Since the debut of Firefox 1.0 last November, users have downloaded 106.4 million copies of the open-source Web browser, according to the Mozilla Foundation, which coordinated the development of Firefox. And within a span of a year, Firefox has grabbed 8.65 percent of the market and put a dent into Internet Explorer's dominance, according to NetApplications' October results. "At the launch, we had a million downloads on the first day and have not seen any let up in demand," said Chris Beard, head of marketing...

Text of E-Mail Sent to The New York Times Staff by Its Executive Editor Skip directly to the full story. The Associated Press Published: Oct 21, 2005 Text of an e-mail sent to the staff at The New York Times from Bill Keller, the paper's executive editor: --- Title: Memo from NYT executive editor Bill Keller A Message from Bill Keller: Colleagues, As you can imagine, I've done a lot of thinking - and a lot of listening - on the subject of what I should have done differently in handling our reporter's entanglement in the White House leak investigation....

A new flaw in Internet Explorer could be exploited to launch spoof-based attacks, or access and change data on vulnerable PCs, security experts have warned. The problem lies in the way Microsoft has implemented a JavaScript component in its Web browser, security researcher Amit Klein wrote in a research document. Internet Explorer does not validate some data fields provided by a PC when the component, called XmlHttpRequest, is used, he wrote. The vulnerability could be exploited with specially crafted code. An attacker could spoof a legitimate Web site, access data from the Web browser's cache or stage a so-called man-in-the-middle...

A flaw has been discovered in Internet Explorer that could enable a remote attack on systems running Windows XP with Service Pack 2, eEye Digital Security has warned. The flaw, which also affects systems running Windows XP, is found in the default installations of Microsoft's IE, according to an advisory released by the security company on Thursday. .....snip..... Because the details of the vulnerabilities have not been made public, users are not at risk of an exploit being developed to take advantage of the flaw, the representative said.

The advent of Firefox and other Web browser alternatives to Internet Explorer means cybercops have to learn new tricks for their investigations. Internet Explorer hides nothing from cops and other investigators who examine PCs to discover which sites the user has visited. They know the location of the IE browser cache, cookie files and history and know how to read those files. Also, popular forensics tools can help out. But that story changes when it comes to alternative browsers such as Firefox and Opera. These programs use different structures, files and naming conventions for the data investigators are after and...

A new, unpatched flaw in Internet Explorer could let miscreants surreptitiously run malicious code on Windows PCs, according to the discoverer of the bug. The problem affects Internet Explorer 6--the latest version of Microsoft's Web browser--on computers running Windows XP with Service Pack 2 and all security patches installed, Tom Ferris, an independent security researcher in Mission Viejo, Calif., said in an interview Monday. Other versions of Windows and IE may also be vulnerable, he said. The security hole allows for "full-blown remote code execution," Ferris said. "If a user browses to a bad Web site, malicious software can...