Major Vulnerability in Internet Explorer

Discussion in 'Computer Security' started by nemo_outis, Jan 18, 2010.

  1. nemo_outis

    nemo_outis Guest

    A vulnerability in Internet Explorer led to the major security breaches at Google
    which have subsequently caused it to consider abandoning China altogether (the
    "Aurora fiasco").

    The vulnerability is so severe that Germany has warned its citizens not to use
    Internet Explorer.

    German government warns against using MS Explorer
    http://news.bbc.co.uk/2/hi/technology/8463516.stm

    There is as yet no patch. Moreover, exploit code has "gone wild" from Wepawet and
    is now readily available on the net. For those who wish to - ahem! - examine the
    exploit source code the original version is posted on Metasploit here:

    http://www.metasploit.com/redmine/projects/framework/repository/revisions/8136/entry
    /modules/exploits/windows/browser/ie_aurora.rb

    and an "improved" more stable version here:

    http://ahmed.obied.net/software/code/exploits/ie_aurora.py

    The number of websites using the exploit is expected to proliferate rapidly. Until
    there is a patch it borders on foolhardy to continue using Internet Explorer (except
    possibly to connect to a very limited number of known, trusted websites).

    Regards,
    nemo_outis, Jan 18, 2010
    #1
    1. Advertising

  2. On Mon, 18 Jan 2010 01:37:44 GMT, nemo_outis wrote:

    > The number of websites using the exploit is expected to proliferate rapidly. Until
    > there is a patch it borders on foolhardy to continue using Internet Explorer (except
    > possibly to connect to a very limited number of known, trusted websites).


    Such good advice.

    NOT

    How about one of my banks who don't support online banking without IE
    yet they give me the highest rate on deposits. Should I tank them b/c
    nemo clitoris advises not to use IE?

    Exactly what is a "known, trusted" website, clit? By whose testing and
    whose definitions?

    Oh, I'm sorry, you can't respond since I am in your killfile.
    --
    A fireside chat not with Ari!
    http://tr.im/holj
    Motto: Live To Spooge It!
    ♥Ari♥, Jan 18, 2010
    #2
    1. Advertising

  3. nemo_outis

    Anonymous Guest

    > A vulnerability in Internet Explorer led to the major security breaches at
    > Google which have subsequently caused it to consider abandoning China
    > altogether (the "Aurora fiasco").
    >
    > The vulnerability is so severe that Germany has warned its citizens not to
    > use Internet Explorer.
    >
    > German government warns against using MS Explorer
    > http://news.bbc.co.uk/2/hi/technology/8463516.stm
    >
    > There is as yet no patch. Moreover, exploit code has "gone wild" from
    > Wepawet and is now readily available on the net. For those who wish to -
    > ahem! - examine the exploit source code the original version is posted on
    > Metasploit here:
    >
    > http://www.metasploit.com/redmine/projects/framework/repository/revisions/8136/entry
    > /modules/exploits/windows/browser/ie_aurora.rb
    >
    > and an "improved" more stable version here:
    >
    > http://ahmed.obied.net/software/code/exploits/ie_aurora.py
    >
    > The number of websites using the exploit is expected to proliferate rapidly.
    > Until there is a patch it borders on foolhardy to continue using Internet
    > Explorer (except possibly to connect to a very limited number of known,
    > trusted websites).
    >
    > Regards,


    These Microsoft excuses are quite amazing:

    >Microsoft rejected the warning, saying that the risk to users was low >and
    > that the browsers' increased security setting would prevent any >serious
    > risk.


    Low? Thats incouraging! It only low.

    >However, German authorities say that even this would not make IE fully >safe.
    >Thomas Baumgaertner, a spokesman for Microsoft in Germany, said that >while
    > they were aware of the warning, they did not agree with it, >saying that the
    > attacks on Google were by "highly motivated people with >a very specific
    > agenda".


    WOW! all we have to fear are these 'highly motivated people'. Of
    course, all other hackers are not highly motivated. We need not
    fear the hacker's highly motivated egos.
    Anonymous, Jan 19, 2010
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Imhotep
    Replies:
    6
    Views:
    569
    Imhotep
    Dec 21, 2005
  2. Imhotep
    Replies:
    16
    Views:
    1,067
    Imhotep
    Jun 3, 2006
  3. Imhotep
    Replies:
    0
    Views:
    439
    Imhotep
    May 27, 2006
  4. Imhotep
    Replies:
    0
    Views:
    465
    Imhotep
    Jun 3, 2006
  5. woo
    Replies:
    28
    Views:
    633
    Duane Arnold
    Dec 30, 2005
Loading...

Share This Page