Another Week Goes by and Internet Explorer Users Still Ripe for Hijacking

Dr. Roy Schestowitz

2009-11-29 15:44:14 UTC
Modified: 2009-11-29 15:44:14 UTC

Summary: Microsoft leaves Internet Explorer users high and dry for weeks, having not addressed a zero-day flaw that compromises the entire operating system

LAST week we wrote about the Internet Explorer zero-day flaw -- a flaw which Microsoft has not resolved yet. IDG writes:

Hackers working on the open-source Metasploit project have spiffed up a zero-day attack on Microsoft's Internet Explorer, making it more reliable -- and more likely to be used by criminals.

Security experts have been worried about the flaw since it was first disclosed on the Bugtraq mailing list Friday. But the original demonstration code was unreliable and has not been used in real-world attacks.

But then came this IDG report, an advisory (not the same as patch), and SJVN wrote:

Earlier this week Microsoft announced yet another IE (Internet Explorer) bug. This one, Microsoft Security Advisory 977981, is one of the really bad ones that can allow attackers to take your Windows PC over. Yuck!

[...]

I think your best move to keep the world from sneaking in some malware over your browser is to get the latest versions of Firefox 3.5.5 or Google's Chrome 3.0.x Web browser. Neither is perfect, but they are better than IE. I wish I could recommend Opera, but I continue to have real concerns about Opera's built-in Web server security.

Indeed, this is an opportunity to recommend that people secure themselves by moving to another Web browser. Microsoft Thurrott does Microsoft's "damage control", having previously incited people against rival Web browsers like Opera. Other coverage includes:

● Exploit code targets Internet Explorer zero-day display flaw

● New Security Flaw Hits Internet Explorer 6 & 7

● New attack targets weakness in Internet Explorer

● Microsoft Issues Internet Explorer Security Advisory

This is pretty serious.

Microsoft on Monday said it is investigating a possible vulnerability in Internet Explorer after exploit code that allegedly can be used to take control of computers, if they visit a Web site hosting the code, was posted to a security mailing list.

No report about a patch has been published yet. So, a good solution would be abandonment of Internet Explorer. ⬆

Smelling an opportunity

Recent Techrights' Posts

Extraordinary General Meeting of Staff Union of the European Patent Office Ahead of Intensifying Strikes: We will, in the meantime, run a series about EPO corruption, which is now connected to corruption in Portugal and to corruption inside the EU
European Patent Office (EPO) Series: The Brotherhood of São Bento: The Palácio São Bento – or São Bento Palace – is the seat of the Portuguese National Assembly in Lisbon
Brett Wilson LLP Reported to Police for Trying to Throw Large Parcel Into Our Home: This morning the campaign of intimidation...
Slop Has no ROI, an Economy Built on False Assumptions of Slop is Doomed: we're all going to suffer from this Ponzi scheme
This Coming Friday: Richard Stallman (RMS)
Yesterday Afternoon The Register MS Published a Fake Article That Says "AI" 31 Times Because It Got Paid to Do This: What will happen when all those loans for slop (Ponzi scheme) stop and companies' marketing budgets - which include media bribes for hype campaigns - are no more?
Several Slopfarms That Target "Linux" Seem to Have Died: Or perished severely
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Monday, June 08, 2026: IRC logs for Monday, June 08, 2026
Gemini Links 09/06/2026: Tanana River, Cassette Beasts, and Emacs: Links for the day
IBM's Quantum Bubble Already Deflating: Shares down over $55 in a few days
SLAPP Censorship - Part 101 Out of 200: Women Come to Realise They Don't Wish to Participate in Attacking Vulnerable Women: It relates to another topic that we shall be covering in the coming weeks
Links 08/06/2026: Proprietary Loaded With Security Holes, Armenia Defies Russia: Links for the day
Gemini Links 08/06/2026: NetHack 5.0.0 and Slop as Cannibalism: Links for the day
Links 08/06/2026: "Rising Emissions, Depleting Water" Due to the Pyramid Scheme of Slop; "Canada Needs to Rebuild Public Telecoms": Links for the day
GAFAM Bots Are Not "Good Bots": There's nothing "Good" about Google
Links 08/06/2026: Criticism of Microsoft Trying to Criminalise Pointing Out Bug Doors, TikTok Now "Climate-Denying Social Media App": Links for the day
The Cyber Show Has "Exciting Guests Coming" and a Gemini Capsule: "Site development is ongoing but now settling into a more stable form"
GNU/Linux Measured at 10% in Liechtenstein This Month: it seems like statCounter wrongly classified some GNU/Linux clients as Mac clients and is now issuing a correction
Communicating With Freedom - Part III - Quibble Envisioned as a New and Easily Accessible Communications Platform Based on LibreJS: the FSF really needs to become more active if not proactive in promoting those sorts of things
Clownflare Says Majority of Web Traffic is Now Bots, But the Net is Another Story: Bots are to Clownflare what lawsuits are to lawyers
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Sunday, June 07, 2026: IRC logs for Sunday, June 07, 2026
The Strikes at the European Patent Office Planned to Carry on for the Entire Year, Maybe Future Years as Well: There's a cautionary tale somewhere
Number of Patent Grants Has Plunged 23% Amid Strikes at the European Patent Office, Today There Are More Strikes (Strike Participation at Over 3,000, More Than Doubled Since Winter): There is a growing crisis at the European Patent Office
E.E.E. Still Ongoing, the War on Copyleft/GPL Enables That: It also imperils security.
Gemini Links 07/06/2026: Lynx in the 'Modern' Web and 'Overcooked' (Plagiarised by LLM) Code: Links for the day
Links 07/06/2026: Java Needs Seawall, Egypt Blasted for Arbitrary Detention of Activists: Links for the day
SLAPP Censorship - Part 100 Out of 200: Interlude and Outline of the First Half, 3+ Months That Got Us Death Threats Connected to Brett Wilson LLP (and Cyber Attacks That Are Difficult to Attribute): This week we plan to have a good time
Banning Things Versus Teaching People the Reason/s to Shun/Boycott Those Things: Prohibition has its limits
Links 07/06/2026: NASA's Mars Maven Declared Dead, Telegram Founder Pavel Durov Bemoans Russia's Crackdown: Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Saturday, June 06, 2026: IRC logs for Saturday, June 06, 2026
Gemini Links 07/06/2026: How to Train Your Dragon (2010) and "Six Days of Play": Links for the day