New Zero-Day Exploit targeting Internet Explorer

admin

Administrator
Staff member
There`s a new bug to be worried about if your an IE user, this is doing the rounds in the technology sites and blogs.

FireEye Research Labs identified a new Internet Explorer (IE) zero-day exploit used in targeted attacks. The vulnerability affects IE6 through IE11, but the attack is targeting IE9 through IE11. This zero-day bypasses both ASLR and DEP. Microsoft has assigned CVE-2014-1776 to the vulnerability and released security advisory to track this issue.

Source: http://www.fireeye.com/blog/uncateg...hrough-11-identified-in-targeted-attacks.html
 

Genesis

Administrator
Staff member
Hopefully mine is too old for the attackers to be targeting. I've got 8. :p

I rarely use it though.
 

Genesis

Administrator
Staff member
The only reason I use it is because of Expression Web. haven't used Expression web in a while though, so Mozilla Firefox is really my regular browser with Safari on the side.
 

GigaGreg

Moderator
Staff member
Most of the British and American people are using IE still! That is shocking. I have seen that bug today, totaly shocked.
 

Genesis

Administrator
Staff member
That's quite a sweeping statement there IG. On what stats are you basing that statement?
 

Genesis

Administrator
Staff member
Haha ... OK in my own life at work, which is a large corporation, I've noticed that IE somehow travels with Microsoft environment. Like at work it is a Microsoft OS with Microsoft application software and then of course IE sort of defaults with it all. Quite often one will find some dedicated software that has been developed for special applications of the corporation that has to work with IE, but in the last two years I've noticed that one can now use Mozilla Firefox as well. Now and then there's a snag, i.e. a feature may not work in other browsers, but who knows, maybe things are in the process of changing. I'm in the UAE. In overal IE doesn't have a great reputation here as in our homes I'd say the majority use something like Mozilla Firefox, Safari or Opera because of IE's user limitations in comparison with the others.
 

admin

Administrator
Staff member
Well it appears Microsoft are applying a fix to Windows XP`s Internet Explorer.

74594179000217340-1.jpg



Microsoft has said users of its Windows XP operating system will also get the security update it has issued to fix a flaw in the Internet Explorer browser.

Source: http://www.bbc.co.uk/news/technology-27249695
 

NoelF1

New member
Thank goodness I use a mix of Chrome, FF and Opera, having abandoned IE years ago.

It's also quite surprising how much of the computer population is still using Win XP, especially companies even though Win 7 was a solid OS.
 

Genesis

Administrator
Staff member
DJB said:
Well it appears Microsoft are applying a fix to Windows XP`s Internet Explorer.

74594179000217340-1.jpg



Microsoft has said users of its Windows XP operating system will also get the security update it has issued to fix a flaw in the Internet Explorer browser.

Source: http://www.bbc.co.uk/news/technology-27249695
Thanks Chris. This is awesome. I managed to track the Official Microsoft blog post that says if one's OS is on automatic updates it will happen automatically, but I didn't want to leave it to chance. Went to Microsoft Website and downloaded and installed it. Hopefully I'm OK for now.

Blog post makes for interesting reading. I'm just wondering, playing Devil's Advocate here. If Microsoft says one should keep one's "automatic updates" open all of the time, if there were rogues around in the face of no further security updates, won't they be able to exploit the automatic update feature?
I use Mozilla Firefox as a rule, but have just used IE to check the updates history after I rebooted and IE is much MUCH faster than before. Must have been vulnerable before as it felt really wonky before I downloaded and installed the crucial update. So at least thanks Microsoft for providing this to us. Gotta give the devil its due. :p
 

huiskesmartijn

New member
True, there was a newpaper article in the dutch newspaper in which the police said to not use Internet Explorer anymore. It's a remote execution vulnerability I've read. be carefull guys!
 

Ketchup

New member
People still use internet explorer :huh: Honestly everyone should upgrade to either chrome or firefox way better security and safety for their users.
 

jaran

New member
Microsoft is always growing with stupid conspiracy like this. On their mind, we should buying and buying their product. Thats why Steve Jobs saying if microsoft playing likes a cow.
 

Genesis

Administrator
Staff member
jaran said:
Microsoft is always growing with stupid conspiracy like this. On their mind, we should buying and buying their product. Thats why Steve Jobs saying if microsoft playing likes a cow.
:good: Totally on the mark for me too. Not only is mIcrosoft in a conspiracy but all of the hardware manufacturers like Hewlett Packard, Dell, etc. etc. are into this conspiracy too. Quite OK not to make a new driver for Windows 7 and upwards for a perfectly good printer - HP Laserjet 1000 in HP's book. Just imagine how good that is for the environment as well. Every one needing to upgrade their computers and peripheral equipment that had probably been deliberately designed for obsolescence as well to make sure that those who use the next Windows will need to purchase upgraded equipment come the next round of a new Windows OS.