Results 1 to 8 of 8

Thread: Internet Explorer 7 Vulnerable?

  1. #1
    Senior Member
    Join Date
    Jan 2010
    Posts
    140

    Default Internet Explorer 7 Vulnerable?

    There seems to be a lot of talk about a exploit that targets internet explorer. According to this article (hxxp://tech.yahoo.com/news/ap/20081215/ap_on_hi_te/tec_internet_explorer_security) Microsoft is considering releasing a patch outside of their regular schedule. Most of our clients run explorer 7 as their internet browser. What is the best way to protect someone against a known threat that there is no patch for? It's tough when people express concern and the only answer you can give them is to stay offline as much as possible until it is patched. You can't convince everyone to move to another browser and some people would rather ignore the fact that exploits exist at all.

    EDIT: The microsoft security advisory for this particular flaw is here (hxxp://www.microsoft.com/technet/security/advisory/961051.mspx)

  2. #2
    Just burned his ISO Lammer's Avatar
    Join Date
    Nov 2008
    Posts
    11

    Default

    Hi.
    Well if they don't "belive" in exploitation, why don't you demonstrate to them?
    Pop a box inside that lan invironment and you will probably see 90% of them changing to FF.
    About the protection, i belive the best way is to not use IE with ou without patches...
    Sorry if this answere just fills the post without any kind of help.. i'm just a n00b
    Sorry for my english
    Regards

  3. #3
    Very good friend of the forum killadaninja's Avatar
    Join Date
    Oct 2007
    Location
    London, United Kingdom.
    Posts
    526

    Default

    The flaw lets criminals commandeer victims' machines merely by tricking them into visiting Web sites tainted with malicious programming code. As many as 10,000 sites have been compromised since last week to exploit the browser flaw.

    This is not nothing new, it has always been possible to deliever malicious payloads over http. Stay away from irregular sites and unusual links, run an uptodate realtime runnable AV and of coarse like the geniuses at microsoft say, stay offline asmuch as possible lol
    Sometimes I try to fit a 16-character string into an 8–byte space, on purpose.

  4. #4
    Good friend of the forums
    Join Date
    Jan 2010
    Location
    outside chicago, il
    Posts
    442

    Default

    Quote Originally Posted by Lammer View Post
    Hi.
    Well if they don't "belive" in exploitation, why don't you demonstrate to them?
    Pop a box inside that lan invironment and you will probably see 90% of them changing to FF.
    About the protection, i belive the best way is to not use IE with ou without patches...
    Sorry if this answere just fills the post without any kind of help.. i'm just a n00b
    Sorry for my english
    Regards
    I just tried to pay a credit card online. I go through all of the steps and I get "Call the phone number on the back of the card". I call and ask for online support. The first thing they ask (after name and security question) is are you using Internet Explorer? I say No I use Firefox. They tell I have to use IE before they will help me. I have to launch IE7 to prove that Firefox isn't causing the problem.

    I use Firefox everyday but it is situations like this that force me to keep windows around.
    I like the bleeding edge, but I don't like blood loss

  5. #5
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Default

    Quote Originally Posted by bofh28 View Post
    I just tried to pay a credit card online. I go through all of the steps and I get "Call the phone number on the back of the card". I call and ask for online support. The first thing they ask (after name and security question) is are you using Internet Explorer? I say No I use Firefox. They tell I have to use IE before they will help me. I have to launch IE7 to prove that Firefox isn't causing the problem.

    I use Firefox everyday but it is situations like this that force me to keep windows around.
    I've had some issues like that with some Web managed hardware at work. In particular an Modicon Ethernet module that we had problems with. When I called Tech support I tried to explain to the guy that the device wasn't even responding on port 80, but he wanted me to find a machine with IE6 because not only did they not support FF, but they also didn't support IE7.

    I gave up talking to "Steve" from Mumbai, India and went straight to my distributor to have the unit replaced. Turns out the new unit worked just fine in FF.
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

  6. #6
    Good friend of the forums
    Join Date
    Jan 2010
    Location
    outside chicago, il
    Posts
    442

    Default

    Quote Originally Posted by streaker69 View Post
    I've had some issues like that with some Web managed hardware at work. In particular an Modicon Ethernet module that we had problems with. When I called Tech support I tried to explain to the guy that the device wasn't even responding on port 80, but he wanted me to find a machine with IE6 because not only did they not support FF, but they also didn't support IE7.

    I gave up talking to "Steve" from Mumbai, India and went straight to my distributor to have the unit replaced. Turns out the new unit worked just fine in FF.
    I know "Steve" from Mumbai, India too. I also know "Bob" and "John". Now that I think about it I have never talked to a women tech support person from India.
    I like the bleeding edge, but I don't like blood loss

  7. #7
    Moderator theprez98's Avatar
    Join Date
    Jan 2010
    Location
    Maryland
    Posts
    2,533
    "\x74\x68\x65\x70\x72\x65\x7a\x39\x38";

  8. #8

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •