Another Week Goes by and Internet Explorer Users Still Ripe for Hijacking

Dr. Roy Schestowitz

2009-11-29 15:44:14 UTC
Modified: 2009-11-29 15:44:14 UTC

Summary: Microsoft leaves Internet Explorer users high and dry for weeks, having not addressed a zero-day flaw that compromises the entire operating system

LAST week we wrote about the Internet Explorer zero-day flaw -- a flaw which Microsoft has not resolved yet. IDG writes:

Hackers working on the open-source Metasploit project have spiffed up a zero-day attack on Microsoft's Internet Explorer, making it more reliable -- and more likely to be used by criminals.

Security experts have been worried about the flaw since it was first disclosed on the Bugtraq mailing list Friday. But the original demonstration code was unreliable and has not been used in real-world attacks.

But then came this IDG report, an advisory (not the same as patch), and SJVN wrote:

Earlier this week Microsoft announced yet another IE (Internet Explorer) bug. This one, Microsoft Security Advisory 977981, is one of the really bad ones that can allow attackers to take your Windows PC over. Yuck!

[...]

I think your best move to keep the world from sneaking in some malware over your browser is to get the latest versions of Firefox 3.5.5 or Google's Chrome 3.0.x Web browser. Neither is perfect, but they are better than IE. I wish I could recommend Opera, but I continue to have real concerns about Opera's built-in Web server security.

Indeed, this is an opportunity to recommend that people secure themselves by moving to another Web browser. Microsoft Thurrott does Microsoft's "damage control", having previously incited people against rival Web browsers like Opera. Other coverage includes:

● Exploit code targets Internet Explorer zero-day display flaw

● New Security Flaw Hits Internet Explorer 6 & 7

● New attack targets weakness in Internet Explorer

● Microsoft Issues Internet Explorer Security Advisory

This is pretty serious.

Microsoft on Monday said it is investigating a possible vulnerability in Internet Explorer after exploit code that allegedly can be used to take control of computers, if they visit a Web site hosting the code, was posted to a security mailing list.

No report about a patch has been published yet. So, a good solution would be abandonment of Internet Explorer. ⬆

Smelling an opportunity

Recent Techrights' Posts

NVIDIA Corp Lost 36% of Its "Value" Since Cheeto Inauguration, But "Gen Hey Hi" (GenAI) is Totally Not a Bubble: Selling loads of unneeded hardware based on hysterical hype; like selling shovels during a Gold Rush
The State of EPO Staff's Health in Rijswijk or The Hague: We're going to cover the EPO some more later in the month
GNU/Linux Growing in East Asia, Windows by Default No More?: GNU/Linux is now on the shelf
Slopwatch: Anti-Linux 'Articles' From Linux-Hostile LLMs: It is almost always negative things and nobody can be held responsible for it except the charlatans prompting the LLMs
Links 05/04/2025: Fentanylware (TikTok) "Sale Looks Highly Imminent" (US), Stock Market Drowning in Panic: Links for the day
Gemini Links 05/04/2025: Moving Plants, No to Smartwatches, RAID Hygiene: Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Friday, April 04, 2025: IRC logs for Friday, April 04, 2025
Techrights Has Dealt With More Potent SLAPPs Than Violent Microsofters Begging to Hide What They Did to Women: I became accustomed to SLAPPs
Links 04/04/2025: Fury in South Korea, Flight MH370 Remains Mystery: Links for the day
Gemini Links 04/04/2025: Anger and Raspberry Pi CM4: Links for the day
Links 04/04/2025: LLM Slop Bubble Bursting and Korea Music Copyright Association Bans Slop 'Music': Links for the day
Traf-O-Data, the Company That Jeffrey Epstein's BFF (Bill Gates) (Co)Founded 53 Years and Went Out of Business Due to Heavy Losses: Who will die first, Bill or Microsoft?
Why Microsoft's Shares Sank Almost 20% in Recent Months (the Bubble is Imploding): verified press reports from the past 24 hours
A Note on SimilarWeb: Or why SimilarWeb is meaningless for more than 99% of the sites on the Web
GNU/Linux Rises to Almost 5% in Algeria While Windows Sinks to All-Time Low: GNU/Linux grew tenfold
Where to Get More Gags: A valued reader recommended that to us
Links 04/04/2025: Tech Stock (Inc. GAFAM) Fall, Google Pretends to Do End-to-End Encrypted Emails (With Google in Control): Links for the day
IBM Said to be Shutting Down Offices or Sites in the United States: the press can no longer avoid admitting that IBM moves many jobs to India
To Participate in Fedora Diversity You Must Use Proprietary Software: Not for the first time either
LLM Slop as Attack Vector on the Reputation of Linux: The attacks on Linux have escalated to information warfare
Yandex About to Be Three Times Bigger Than Microsoft (Bing) in Asia: That's about 60% of the world's population
Gemini Links 04/04/2025: Decoupling Updates, Elaho as Gemini Client: Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Thursday, April 03, 2025: IRC logs for Thursday, April 03, 2025
Microsoft's Trouble in Africa and Asia: A new all-time high for GNU/Linux
Brett Wilson LLP Reported to the Solicitors Regulation Authority (SRA): The saddest thing in all this is that law firms can maintain high standards shall they wish to
Links 03/04/2025: Tariff Pains and C.D.C. Cuts: Links for the day
StatCounter: Microsoft is Masking a Disaster, It's Way Behind DeepSeek Already and Interest in LLMs Has Waned: it turns out the money "raised" for "Open" "AI" may not even exist at all
Links 03/04/2025: SoftBank Money for Microsoft "Open" "AI" Probably Doesn't Even Exist, Wikimedia Foundation Blasts LLM Nuisance While Microsoft Admits Demand Has Shrunk: Links for the day
Gemini Links 03/04/2025: Patch Panel and Pictures: Links for the day
Islamic Republic of Iran: GNU/Linux at All-time High This Month, Windows Falls to 12%: Vista 10 is up this month despite being "end of life" (EoL) soon
Indonesia: All-Time Highs for GNU/Linux: What's noteworthy right now is the growth of GNU/Linux
statCounter Says GNU/Linux Usage is Up Again (Internationally): some preliminary April data
Only on April 1st Can the Free Software Foundation Associate With Microsoft's Open Source Initiative (OSI): We saw some pranks that day linking the FSF to Microsoft (e.g. "endorsing" Windows)
Confirmed in the Mainstream Media: A Lot of Microsoft "Workloads" Were Just LLM Slop (Helping to Fake Growth for Years, as Microsoft Had Paid "Open" "AI" to Become a "Client") and Demand is Rapidly Waning, Datacentres Canceled and/or Shut Down: Anything to facilitate further accounting fraud
Taiwan's Media Covers Closure of Microsoft's "AI" Lab, It's Time to Talk About the Gradual Death of Windows and Implosion of the "AI" Bubble: Earlier this week we showed that mostly Asian media had the 'nerve' to mention Microsoft silently shutting down its 'AI' lab
IBM Gets Rid of Kelly Chambliss as Mass Layoffs Reported in IBM Consulting, IBM Loses Key Contracts/Graft: IBM Consulting has been in disarray lately
More Gains for GNU/Linux, Based on Web Surveys: the Steam site shows rapid growth for "Linux" this month
Slopwatch: Anti-Linux Articles, Not Even Written by Humans: Why aren't Web sites more vocal about this problem?
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Wednesday, April 02, 2025: IRC logs for Wednesday, April 02, 2025
Links 03/04/2025: Apple Fined Over Secret Surveillance, "Elegant Writer For A More Civilized Age": Links for the day