Oct 12: Three new critical IE security holes found

Discussion in 'Computer Support' started by Bruce the Shark, Oct 12, 2004.

  1. From http://tinyurl.com/4p3ao (ie.
    http://news.com.com/Microsoft warns...flaws/2100-1002_3-5406550.html?tag=nefd.top):

    "Microsoft published 10 software security advisories on Tuesday, warning
    Windows users and corporate administrators of 22 new flaws that affect the
    company's products. The advisories, and patches published with the
    bulletins, range from an 'important' flaw affecting only Microsoft Windows
    NT Server to a collection of eight security holes, including three rated
    'critical,' that leave Internet Explorer open to attack."

    Three more critical IE security holes? Try Firefox instead:

    http://www.mozilla.org/products/firefox/
     
    Bruce the Shark, Oct 12, 2004
    #1
    1. Advertising

  2. Bruce the Shark

    Fuzzy Logic Guest

    "Bruce the Shark" <> wrote in
    news:416c3dd7$:

    > From http://tinyurl.com/4p3ao (ie.
    > http://news.com.com/Microsoft warns of a score of security flaws/2100-100
    > 2_3-5406550.html?tag=nefd.top):
    >
    > "Microsoft published 10 software security advisories on Tuesday, warning
    > Windows users and corporate administrators of 22 new flaws that affect
    > the company's products. The advisories, and patches published with the
    > bulletins, range from an 'important' flaw affecting only Microsoft
    > Windows NT Server to a collection of eight security holes, including
    > three rated 'critical,' that leave Internet Explorer open to attack."
    >
    > Three more critical IE security holes? Try Firefox instead:
    >
    > http://www.mozilla.org/products/firefox/


    So I should change to Firefox because 3 holes in IE have been plugged? I
    guess the next time a critical flaw in Firefox is found and fixed I should
    suggest you switch to IE!

    There will continue to be new flaws discovered in IE as well as Firefox.
    It's important to use a well supported browser that YOU like and lock it
    down and keep it patched. Switching will not suddenly make you invincible on
    the net. Security is a process, not a particular piece of software. I
    particularily like this quote:

    "Yet simply switching is not an effective security solution. Only if you use
    the proper security tools and remain vigilant about staying up to date and
    cautious about what you do online should you start to feel some sense of
    comfort."

    source <http://www.pcmag.com/print_article/0,1761,a=130479,00.asp>
     
    Fuzzy Logic, Oct 12, 2004
    #2
    1. Advertising

  3. Bruce the Shark

    KHaled Guest

    == deleted ==

    When a "hole" is discovered in IE, does that also affect clones
    such as maxthon, avante, etc. ?

    TIA,
    KH.
     
    KHaled, Oct 13, 2004
    #3
  4. Bruce the Shark

    WormWood Guest

    No.

    "KHaled" <> wrote in message
    news:Xns958158E215FDFkhaledlocalhost@130.133.1.4...
    | == deleted ==
    |
    | When a "hole" is discovered in IE, does that also affect clones
    | such as maxthon, avante, etc. ?
    |
    | TIA,
    | KH.
     
    WormWood, Oct 13, 2004
    #4
  5. >When a "hole" is discovered in IE, does that also affect clones
    >such as maxthon, avante, etc. ?


    Probably. there is one program called QwikFix that locks down the My Computer
    Zone. Also SP2 XP2 really helps security in general.

    there was one exploit that was in Mozilla, Opera, and IE. basically it hit
    every browser on windows except text ones like lynx or scriptless ones like
    Amaya.

    I bet a lot of less exploits get posted cause of SP2.

    QwikFix is free till the end of the month i think.

    michael
     
    SchroedingerzKat, Oct 13, 2004
    #5
  6. Bruce the Shark

    Aaron Guest

    KHaled <> wrote in news:Xns958158E215FDFkhaledlocalhost@
    130.133.1.4:

    > == deleted ==
    >
    > When a "hole" is discovered in IE, does that also affect clones
    > such as maxthon, avante, etc. ?


    Generally yes. So you still need to update.

    > TIA,
    > KH.
     
    Aaron, Oct 13, 2004
    #6
  7. Bruce the Shark

    Klaatu Guest

    On Wed, 13 Oct 2004 07:10:33 GMT, WormWood posted to alt.comp.freeware:

    > "KHaled" <> wrote in message
    > news:Xns958158E215FDFkhaledlocalhost@130.133.1.4...
    > |
    > | When a "hole" is discovered in IE, does that also affect clones
    > | such as maxthon, avante, etc. ?
    >
    > No.


    Huh?!? I believe the answer is that, in many if not most cases, yes.

    But a better answer could be: it depends.

    --
    I am not young enough to know everything.
     
    Klaatu, Oct 13, 2004
    #7
  8. KHaled wrote:

    > When a "hole" is discovered in IE, does that also affect clones
    > such as maxthon, avante, etc. ?


    Of course! They're based on IE's code, so if something in IE needs
    fixing, then so do they. They're called "piggyback" apps.
     
    Bruce the Shark, Oct 13, 2004
    #8
  9. Fuzzy Logic wrote:

    > So I should change to Firefox because 3 holes in IE have been plugged?


    I'd recommend it. Too many critical flaws keep getting found in IE.
    The flaws in Firefox are not usually critical, according to Secunia.com.
    The point of my post was: IE keeps getting critical updates, whereas
    Firefox doesn't... now decide which is better.

    > I guess the next time a critical flaw in Firefox is found and fixed
    > I should suggest you switch to IE!


    See above. Critical flaws in Firefox are extremely rare.
     
    Bruce the Shark, Oct 13, 2004
    #9
  10. Bruce the Shark

    Tim Weaver Guest

    Bruce the Shark wrote:
    > KHaled wrote:
    >
    >> When a "hole" is discovered in IE, does that also affect clones such
    >> as maxthon, avante, etc. ?

    >
    > Of course! They're based on IE's code, so if something in IE needs
    > fixing, then so do they. They're called "piggyback" apps.


    That's misleading. When IE gets patched, any IE front-end will be patched,
    as well. They're not *based* on IE's HTML engine, they *use* it.
    --
    Tim Weaver
     
    Tim Weaver, Oct 13, 2004
    #10
  11. Bruce the Shark

    WormWood Guest

    "Klaatu" <> wrote in message
    news:Xns9581586EEFB2Fklaatunospaminvalid@127.0.0.1...
    | On Wed, 13 Oct 2004 07:10:33 GMT, WormWood posted to
    alt.comp.freeware:
    |
    | > "KHaled" <> wrote in message
    | > news:Xns958158E215FDFkhaledlocalhost@130.133.1.4...
    | > |
    | > | When a "hole" is discovered in IE, does that also affect clones
    | > | such as maxthon, avante, etc. ?
    | >
    | > No.
    |
    | Huh?!? I believe the answer is that, in many if not most cases, yes.
    |

    I haven't used clones such as maxthon, avante nor others, if exist.
    IIRC, the PC was once, maybe still is, referred to as an IBM clone. So,
    yeah, if they use a MS OS, the upgrade would apply to them as well. When
    I posted my reply I may have been thinking of Linux, MAC, and the likes
    of that.


    | But a better answer could be: it depends.

    Depends? That's a nursing home loo, innit?
     
    WormWood, Oct 14, 2004
    #11
  12. On Thu, 14 Oct 2004 00:22:20 -0400, WormWood <>
    wrote in <news:>:

    > "Klaatu" <> wrote in message
    > news:Xns9581586EEFB2Fklaatunospaminvalid@127.0.0.1...
    >| On Wed, 13 Oct 2004 07:10:33 GMT, WormWood posted to
    > alt.comp.freeware:
    >|
    >|> "KHaled" <> wrote in message
    >|> news:Xns958158E215FDFkhaledlocalhost@130.133.1.4...
    >|> |
    >|> | When a "hole" is discovered in IE, does that also affect clones
    >|> | such as maxthon, avante, etc. ?
    >|>
    >|> No.
    >|
    >| Huh?!? I believe the answer is that, in many if not most cases, yes.
    >|
    >
    > I haven't used clones such as maxthon, avante nor others, if exist.
    > IIRC, the PC was once, maybe still is, referred to as an IBM clone. So,
    > yeah, if they use a MS OS, the upgrade would apply to them as well. When
    > I posted my reply I may have been thinking of Linux, MAC, and the likes
    > of that.
    >
    >| But a better answer could be: it depends.
    >
    > Depends? That's a nursing home loo, innit?


    "innit" as in "Innit, not attit", I suppose

    --
    Regards,
    Nicolaas.


    - Adults are obsolete children.
     
    Nicolaas Hawkins, Oct 14, 2004
    #12
  13. Fuzzy Logic <> wrote in message news:<Xns958099068FEFBbobarcabca@198.161.157.145>...
    > "Bruce the Shark" <> wrote in
    > news:416c3dd7$:
    >
    > > From http://tinyurl.com/4p3ao (ie.
    > > http://news.com.com/Microsoft warns of a score of security flaws/2100-100
    > > 2_3-5406550.html?tag=nefd.top):
    > >
    > > "Microsoft published 10 software security advisories on Tuesday, warning
    > > Windows users and corporate administrators of 22 new flaws that affect
    > > the company's products. The advisories, and patches published with the
    > > bulletins, range from an 'important' flaw affecting only Microsoft
    > > Windows NT Server to a collection of eight security holes, including
    > > three rated 'critical,' that leave Internet Explorer open to attack."
    > >
    > > Three more critical IE security holes? Try Firefox instead:
    > >
    > > http://www.mozilla.org/products/firefox/

    >
    > So I should change to Firefox because 3 holes in IE have been plugged? I
    > guess the next time a critical flaw in Firefox is found and fixed I should
    > suggest you switch to IE!
    >
    > There will continue to be new flaws discovered in IE as well as Firefox.
    > It's important to use a well supported browser that YOU like and lock it
    > down and keep it patched. Switching will not suddenly make you invincible on
    > the net. Security is a process, not a particular piece of software. I
    > particularily like this quote:


    You are right to use something you like. But some things to consider:

    1. There are many software products that don't have continual problems

    2. IE is always a "sloppy third" when it comes to useful features

    3. Why use a product that installs hidden directories, files, and
    keeps files present when you have removed the program
    MS has some control issues :)

    > "Yet simply switching is not an effective security solution. Only if you use
    > the proper security tools and remain vigilant about staying up to date and
    > cautious about what you do online should you start to feel some sense of
    > comfort."


    Switching as part of learning what works best is pretty good wisdom. I
    have been using Fprot for years but decided to try another product. I
    found a trojan with it.
     
    Calm n Collected, Oct 14, 2004
    #13
  14. Bruce the Shark

    Fuzzy Logic Guest

    (Calm n Collected) wrote in
    news::

    > Fuzzy Logic <> wrote in message
    > news:<Xns958099068FEFBbobarcabca@198.161.157.145>...
    >> "Bruce the Shark" <> wrote in
    >> news:416c3dd7$:
    >>
    >> > From http://tinyurl.com/4p3ao (ie.
    >> >

    http://news.com.com/Microsoft warns of a score of security flaws/2100-
    >> > 100 2_3-5406550.html?tag=nefd.top):
    >> >
    >> > "Microsoft published 10 software security advisories on Tuesday,
    >> > warning Windows users and corporate administrators of 22 new flaws
    >> > that affect the company's products. The advisories, and patches
    >> > published with the bulletins, range from an 'important' flaw
    >> > affecting only Microsoft Windows NT Server to a collection of eight
    >> > security holes, including three rated 'critical,' that leave Internet
    >> > Explorer open to attack."
    >> >
    >> > Three more critical IE security holes? Try Firefox instead:
    >> >
    >> > http://www.mozilla.org/products/firefox/

    >>
    >> So I should change to Firefox because 3 holes in IE have been plugged?
    >> I guess the next time a critical flaw in Firefox is found and fixed I
    >> should suggest you switch to IE!
    >>
    >> There will continue to be new flaws discovered in IE as well as
    >> Firefox. It's important to use a well supported browser that YOU like
    >> and lock it down and keep it patched. Switching will not suddenly make
    >> you invincible on the net. Security is a process, not a particular
    >> piece of software. I particularily like this quote:

    >
    > You are right to use something you like. But some things to consider:
    >
    > 1. There are many software products that don't have continual problems


    I have had very little in the way of problems with IE. I used to hate IE
    but has improved over the years.

    > 2. IE is always a "sloppy third" when it comes to useful features


    That's why I use Avant (an IE shell). Tabbed browsing, pop-up stopper, ad-
    blocker, highly customizable.

    > 3. Why use a product that installs hidden directories, files, and
    > keeps files present when you have removed the program
    > MS has some control issues :)


    Microsoft is not the only company guilty of installing hidden
    files/directories. I know where/what they are and have tools to properly
    remove/clean them. Regardless of which browser you use I think it's
    important to know all it's settings and how they work as well as where
    it's data is kept.

    >> "Yet simply switching is not an effective security solution. Only if
    >> you use the proper security tools and remain vigilant about staying up
    >> to date and cautious about what you do online should you start to feel
    >> some sense of comfort."

    >
    > Switching as part of learning what works best is pretty good wisdom. I
    > have been using Fprot for years but decided to try another product. I
    > found a trojan with it.


    I do computer support and evaluate a lot of different software products as
    part of my job. I only switch when I find something I think is worth the
    switch. I used to use IE got fed up with it switched to Netscape and have
    been using IE/Avant for the last few years.
     
    Fuzzy Logic, Oct 14, 2004
    #14
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Michael O'Keefe

    Security Holes

    Michael O'Keefe, Mar 2, 2005, in forum: Firefox
    Replies:
    2
    Views:
    512
    ..brian..
    Mar 2, 2005
  2. Ravi

    Check for security loop holes

    Ravi, Dec 20, 2003, in forum: Computer Security
    Replies:
    15
    Views:
    832
    Hairy One Kenobi
    Dec 23, 2003
  3. Imhotep

    Three more security holes in IE

    Imhotep, Mar 27, 2006, in forum: Computer Security
    Replies:
    0
    Views:
    466
    Imhotep
    Mar 27, 2006
  4. Au79
    Replies:
    0
    Views:
    490
  5. Harry Stottle
    Replies:
    0
    Views:
    1,179
    Harry Stottle
    Jan 5, 2010
Loading...

Share This Page