Another Week Goes by and Internet Explorer Users Still Ripe for Hijacking

Dr. Roy Schestowitz

2009-11-29 15:44:14 UTC
Modified: 2009-11-29 15:44:14 UTC

Summary: Microsoft leaves Internet Explorer users high and dry for weeks, having not addressed a zero-day flaw that compromises the entire operating system

LAST week we wrote about the Internet Explorer zero-day flaw -- a flaw which Microsoft has not resolved yet. IDG writes:

Hackers working on the open-source Metasploit project have spiffed up a zero-day attack on Microsoft's Internet Explorer, making it more reliable -- and more likely to be used by criminals.

Security experts have been worried about the flaw since it was first disclosed on the Bugtraq mailing list Friday. But the original demonstration code was unreliable and has not been used in real-world attacks.

But then came this IDG report, an advisory (not the same as patch), and SJVN wrote:

Earlier this week Microsoft announced yet another IE (Internet Explorer) bug. This one, Microsoft Security Advisory 977981, is one of the really bad ones that can allow attackers to take your Windows PC over. Yuck!

[...]

I think your best move to keep the world from sneaking in some malware over your browser is to get the latest versions of Firefox 3.5.5 or Google's Chrome 3.0.x Web browser. Neither is perfect, but they are better than IE. I wish I could recommend Opera, but I continue to have real concerns about Opera's built-in Web server security.

Indeed, this is an opportunity to recommend that people secure themselves by moving to another Web browser. Microsoft Thurrott does Microsoft's "damage control", having previously incited people against rival Web browsers like Opera. Other coverage includes:

● Exploit code targets Internet Explorer zero-day display flaw

● New Security Flaw Hits Internet Explorer 6 & 7

● New attack targets weakness in Internet Explorer

● Microsoft Issues Internet Explorer Security Advisory

This is pretty serious.

Microsoft on Monday said it is investigating a possible vulnerability in Internet Explorer after exploit code that allegedly can be used to take control of computers, if they visit a Web site hosting the code, was posted to a security mailing list.

No report about a patch has been published yet. So, a good solution would be abandonment of Internet Explorer. ⬆

Smelling an opportunity

Recent Techrights' Posts

Links 28/08/2025: Chatbots Distorting/Fabricating History and Also Driving Suicide: Links for the day
Open Source Initiative (OSI) Resists Software Freedom, Even by Attacking Its Own: The OSI is compromised
Richard Stallman (RMS) Talk in Ethereum Cypherpunk Congress Will be Remote: This past week RMS received lots of accolades online
The Register MS (Run by Microsoft Operatives): Free Software is Putin, Hence Evil and Dangerous: The current editor in chief is an American Microsofter, the previous one went to work for Google (US)
Gemini Links 28/08/2025: Back in Japan and Why "Hacker News" Sucks: Links for the day
A Much-Needed Wake-up Call to Users of Wordpress.com, Blogspot, Substack and All Those Other Outsourced (and Centralised) Platforms: There are several lessons in there
The UEFI 9/11 - Part II - Campaign of Censorship and Defamation Against Critics: In dictatorships, humour serves an important role. It's tragic.
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Wednesday, August 27, 2025: IRC logs for Wednesday, August 27, 2025
Slopwatch: linuxsecurity.com, Slopfarms in Google News, and More: Some readers of ours end up sending us links that are from slopfarms, not realising those are slopfarms
Gemini Links 27/08/2025: Katrina Memories and Google Versus Software Freedom: Links for the day
Links 27/08/2025: Police Against Media Freedom in the UK, Energy-Hungry Countries Targeted by China: Links for the day
Microsoft Windows Fell to All-Time Lows in Egypt This Summer, Vista 11 Adoption Decreases While GNU/Linux Increases: Vista 11 is going down rather than up
Links 27/08/2025: Microsoft Demoralises Staff With Slop Demands, Leaving Mastodon Explained: Links for the day
12 Hours Ago The Register MS Published a Fake (Paid-for) Article, But This One for a Change Did Not Promote a Ponzi Scheme: There are also Free software alternatives, but they don't pay The Register MS for "synthetic" so-called 'journalism'
More People Need to Call Out and Put a Stop to Serial Sloppers: Unless slopfarms are stopped, people will read and share Microsoft propaganda made by chatbots
Gemini Links 27/08/2025: Headphones and Tartarus: Links for the day
Morale at Microsoft is Terrible (Proprietary Plagiarism Machines Have No Future, LLM Slop is a Bubble): The slop sceptics/critics are going to have lots of "told you so" moments
GNOME "governance issues, staff reduction, etc." amidst Albanian whistleblowing and women trafficking: Notice the connection to Software Freedom Conservancy (SFC) and GNOME
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Tuesday, August 26, 2025: IRC logs for Tuesday, August 26, 2025
Richard Stallman (RMS) Was Right About "Sideloading" in 1996: We now have computers that treat booting GNU/Linux like an act of "Sideloading"
Panama: Windows Down From 97% "Market Share" to Less Than 30%: In 2009, Windows was measured at 97.24% (compared to 62.32% right now or less than 30% if one also counts Android)
The UEFI 9/11 - Part I - Introduction to Impending Catastrophe (Microsoft Preventing People From Booting Non-Windows Systems): eight-part series
Why Techrights is Slow Today (Bot Floods): We don't know if those bots are connected to LLMs (we have not checked), but that is a possibility
Slopwatch: DDoS Slop, LinuxBSDos.com Spam, and Slopfarms in Google News, Including webpronews.com: Among the news we also found fakes, albeit not so much today
Links 26/08/2025: "Ballooning Debt" in France and "Transnational Repression in the UK": Links for the day
Gemini Links 26/08/2025: Listening to Alcest and Google Doing Evil (Users Installing Software is "Sideloading" and Prohibited): Links for the day
Links 26/08/2025: DNS Tampering and TikTok Layoffs: Links for the day
Microsoft's Windows "Market Share" Overestimated: Microsoft's income sources are shrinking
We Shall See...: My wife and I are hardly the first victims of Brett Wilson LLP
This New Determination on a Case Echoes the Modus Operandi of Microsoft's Serial Strangler vs Techrights (Its Online Decision/Judgment Says Truth and Public Interest Defend the Publisher): Noel Anthony Clarke hopefully has enough money left to pay his victims, which include the publishers
Going Offline: There was life before the Net
The Register MS Has Apparently Shut Down Its Office: It is basically a fake address on the face of it
There Are Also Expectations of IBM Layoffs Very Soon With "Narrative Control.": Some of them mention Red Hat and how IBM failed to achieve anything substantial with that acquisition
After at Least Two Rounds of Mass Layoffs in August Microsoft Said to Have "September Layoff Confirmed - Performance Based": Those "M5 level meetings" sound plausible
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Monday, August 25, 2025: IRC logs for Monday, August 25, 2025