Another Week Goes by and Internet Explorer Users Still Ripe for Hijacking

Dr. Roy Schestowitz

2009-11-29 15:44:14 UTC
Modified: 2009-11-29 15:44:14 UTC

Summary: Microsoft leaves Internet Explorer users high and dry for weeks, having not addressed a zero-day flaw that compromises the entire operating system

LAST week we wrote about the Internet Explorer zero-day flaw -- a flaw which Microsoft has not resolved yet. IDG writes:

Hackers working on the open-source Metasploit project have spiffed up a zero-day attack on Microsoft's Internet Explorer, making it more reliable -- and more likely to be used by criminals.

Security experts have been worried about the flaw since it was first disclosed on the Bugtraq mailing list Friday. But the original demonstration code was unreliable and has not been used in real-world attacks.

But then came this IDG report, an advisory (not the same as patch), and SJVN wrote:

Earlier this week Microsoft announced yet another IE (Internet Explorer) bug. This one, Microsoft Security Advisory 977981, is one of the really bad ones that can allow attackers to take your Windows PC over. Yuck!

[...]

I think your best move to keep the world from sneaking in some malware over your browser is to get the latest versions of Firefox 3.5.5 or Google's Chrome 3.0.x Web browser. Neither is perfect, but they are better than IE. I wish I could recommend Opera, but I continue to have real concerns about Opera's built-in Web server security.

Indeed, this is an opportunity to recommend that people secure themselves by moving to another Web browser. Microsoft Thurrott does Microsoft's "damage control", having previously incited people against rival Web browsers like Opera. Other coverage includes:

● Exploit code targets Internet Explorer zero-day display flaw

● New Security Flaw Hits Internet Explorer 6 & 7

● New attack targets weakness in Internet Explorer

● Microsoft Issues Internet Explorer Security Advisory

This is pretty serious.

Microsoft on Monday said it is investigating a possible vulnerability in Internet Explorer after exploit code that allegedly can be used to take control of computers, if they visit a Web site hosting the code, was posted to a security mailing list.

No report about a patch has been published yet. So, a good solution would be abandonment of Internet Explorer. ⬆

Smelling an opportunity

Microsofters' SLAPP Censorship - Part 2 Out of 200: Detailed Timeline From 2012 (Attack on Reporters That Question Restricted Boot) to 2024 (Lawsuit Against Reporter and His Wife in Another Continent): we reproduce a document produced 2 years ago to give people more context and more facts
"Silent Layoffs" or "Forever Layoffs" at IBM and Red Hat (After Bluewashing): Like every day (all day long) we can see people who leave IBM and say something that's based on a 'script'
Free Software Foundation (FSF) and Others Promoting String of RMS Talks, Starting Tomorrow in Lucerne School of Computer Science and Information Technology: Well done, FSF!
Links 05/03/2026: A Bet Against Substack, American Government Openly Hostile Towards Environment: Links for the day
Gemini Links 05/03/2026: Greed and Sentiments Shifting Against Slop: Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Wednesday, March 04, 2026: IRC logs for Wednesday, March 04, 2026
FSF Promoting Richard M. Stallman (RMS) Talk in Switzerland in Just Over a Day From Now: RMS may have more talks on the way
Why Slop Will Flop - Part IV - We've Seen the End of It: Some years ago they insisted blockchains would revolutionise everything
Android is Proprietary 'Linux' and It Becomes More Malicious Over Time, Google Only Delayed What It Planned All Along: Google is a proprietary software giant, GSoC is only a distraction and confusion
Links 04/03/2026: Scam Altman Causes Chatbot Sub Numbers to Plunge, "Stocks Drop as Inflation Risk Emerges": Links for the day
Why Slop Will Flop - Part III - Our Relationship With Slop (and Yours): I never - except inadvertently - "used" an LLM-based chatbot
Why Slop Will Flop - Part II - Devil in the Details: News sites or social control media sites which tolerate slop are digging their own grave
Simpler Means Faster: Do you know your bottlenecks?
Gemini Links 04/03/2026: About a Missing Symbol and "Good Manners": Links for the day
The Register MS Takes Money From Chinese Surveillance Threat to Promote a Ponzi Scheme: "Sponsored by Huawei."
Nicaragua's GNU/Linux Usage Measured at Over 8% by statCounter: Nicaragua is a poor country, but it also has rich culture
Why Slop Will Flop - Part I - Slop Fatigue Prevalent: See, sooner or later people (audiences of colleagues) find out and as soon as they find out you are slopping, they will lose interest
Links 04/03/2026: "The EU moves to kill infinite scrolling" and a call to "Nationalize Amazon": Links for the day
Coming Soon: Evidence of Abuse in Our IRC Network: IRC's freedom can sometimes be its 'weakness' if not properly guarded
High GNU/Linux Adoption in Brunei Darussalam: It's worth noting (or at least noticing) that Microsoft loses ground in some of the countries where the government contracts paid the most
Media Blackout Reducing or Preventing Press Coverage of Microsoft Layoffs in 2026: Worse yet, there will be gaslighting and deceit
GNU/Linux in Laptops/Desktops Still Matters, It's Likely the Only Way to Achieve Software Freedom: Software Freedom requires all sorts of things at the "OS level"
Gemini Links 04/03/2026: The Garnet Star, The Hunt, The SYN Attacks: Links for the day
The EPO's General Consultative Committee (GCC) Discussion Illuminates How Much Worse Things Have Gotten ("on Strike and Participated in the 'Meeting'"): a videoconference - not a physical meeting - discussed EPO policies
Free Software Foundation Supports Its Founder, Advertises His Talks in Switzerland: When you suppress voices, assuming the reasons for suppression are bunk, it is always bound to backfire very badly
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Tuesday, March 03, 2026: IRC logs for Tuesday, March 03, 2026
Over 1,500 EPO Workers Went on Strike Last Week: a new publication which celebrates some accomplishments of industrial actions and calls for further actions
Madame Streisand Wanted to Censor The Web, Instead She 'Created' a New Term, "Streisand Effect": It is basically an own goal
Solicitors Regulation Authority (SRA) Failed to Detect Fraud in Law Firms... Until It Was Too Late: Earlier today we contacted some more politicians about this and received mail from them as well
Our EPO and IBM Coverage Bears Fruit: In case insiders want to get in touch with us, please ensure or at least try doing so securely
Defending Women Isn't a Crime, Everybody Can Agree on That: Their culture is unlike ours
EPO "Cocaine Communication Manager" - Part VI - Influx of Spaniards and Portuguese Workers (+77%) at Europe's Second-Largest Institution, Led by the 'Alicante Mafia': There is now data supporting this assertion, new and complete data in fact
Links 03/03/2026: "Scam Altman in Damage Control" and Oil Traffic Disrupted: Links for the day
Gemini Links 03/03/2026: Phones, LLMs, and Changes on the Web: Links for the day
Richard Stallman Confirms Talk in Bern Next Week: Dr. Stallman has just formally confirmed his third talk this month in Switzerland
Nobody is Safe at IBM (or Red Hat): There is no job security at IBM
GNU/Linux at All-Time High in Guam: there are many computers in that island
Bad faith: Hugo Roy knew FSFE impersonating FSF before French tribunal, colleagues deceived: Reprinted with permission from Daniel Pocock
Microsofters' SLAPP Censorship - Part 1 Out of 200: Claim No. KB-2024-001270 in a Nutshell: abuse of process by a law firm working for an American who was arrested for strangling women and another American whose own spouse calls a "rapist"
When EPO Team Managers (TMs) Are Harassing People Who Strictly Apply the European Patent Convention (EPC) in Patent Examination: There are two strikes planned for this month
Confirmed: Using Slop Gets You Fired: Let the story of Benj Edwards be a cautionary tale
Links 03/03/2026: "No one wants to read your AI slop" and "chatbots in the kill chain": Links for the day
EPO and "Equivalent to More Than 100 Days of Strike": The industrial actions continue and already have a positive effect
Streisand Effect, the Microsoft Way: Microsoft has once again proven the Streisand Effect
Keeping Track of IBM Layoffs in March 2026: IBM depends on bribery
GNU/Linux Measured at 7% in Yemen: Windows is too hostile and dangerous
Links 03/03/2026: Security Breaches, Iceland Wants EU Membership, and "Wall Street–Backed Lawmakers Want to Help Banks Gouge You": Links for the day
Queensland Health Payroll System: IBM billion-dollar-blowout inquiry: Reprinted with permission from Daniel Pocock
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Monday, March 02, 2026: IRC logs for Monday, March 02, 2026
Gemini Links 03/03/2026: GrapheneOS and Keyboard Shortcuts: Links for the day

Another Week Goes by and Internet Explorer Users Still Ripe for Hijacking

Recent Techrights' Posts