Another Week Goes by and Internet Explorer Users Still Ripe for Hijacking

Dr. Roy Schestowitz

2009-11-29 15:44:14 UTC
Modified: 2009-11-29 15:44:14 UTC

Summary: Microsoft leaves Internet Explorer users high and dry for weeks, having not addressed a zero-day flaw that compromises the entire operating system

LAST week we wrote about the Internet Explorer zero-day flaw -- a flaw which Microsoft has not resolved yet. IDG writes:

Hackers working on the open-source Metasploit project have spiffed up a zero-day attack on Microsoft's Internet Explorer, making it more reliable -- and more likely to be used by criminals.

Security experts have been worried about the flaw since it was first disclosed on the Bugtraq mailing list Friday. But the original demonstration code was unreliable and has not been used in real-world attacks.

But then came this IDG report, an advisory (not the same as patch), and SJVN wrote:

Earlier this week Microsoft announced yet another IE (Internet Explorer) bug. This one, Microsoft Security Advisory 977981, is one of the really bad ones that can allow attackers to take your Windows PC over. Yuck!

[...]

I think your best move to keep the world from sneaking in some malware over your browser is to get the latest versions of Firefox 3.5.5 or Google's Chrome 3.0.x Web browser. Neither is perfect, but they are better than IE. I wish I could recommend Opera, but I continue to have real concerns about Opera's built-in Web server security.

Indeed, this is an opportunity to recommend that people secure themselves by moving to another Web browser. Microsoft Thurrott does Microsoft's "damage control", having previously incited people against rival Web browsers like Opera. Other coverage includes:

● Exploit code targets Internet Explorer zero-day display flaw

● New Security Flaw Hits Internet Explorer 6 & 7

● New attack targets weakness in Internet Explorer

● Microsoft Issues Internet Explorer Security Advisory

This is pretty serious.

Microsoft on Monday said it is investigating a possible vulnerability in Internet Explorer after exploit code that allegedly can be used to take control of computers, if they visit a Web site hosting the code, was posted to a security mailing list.

No report about a patch has been published yet. So, a good solution would be abandonment of Internet Explorer. ⬆

Smelling an opportunity

Recent Techrights' Posts

The Microsofters Have Just Shared Privileged Trial Data With Microsoft: There are serious ramifications for liability accountability as Microsoft salaries sponsor these SLAPPs
Trolls With LLM Slop Are Disrupting Communications About Mass Layoffs at IBM: LLM slop to drown out the signal
[Video] IBM Shakes Hands of Prince Mohammed bin Salman: handshake of loyalty
Inviting the Founder of GNU/Linux to Events (It Only Costs His Travel Expenses) and Recalling the True Origins: It's reassuring to see belated recognition
Slopwatch: Microsoft's Anti-Linux Propaganda and Cover-up, Slopfarms Clogging Up Google News: slop-tracking activities that observe googlebombing of "Linux"
AstroTurfing by IBM in thelayoff.com is Highly Risky (and Likely Outsourced): Microsoft did this in Reddit (and got caught), so why won't IBM too?
Links 17/05/2025: Stabber of Salman Rushdie Sentenced to 25 Years in Prison: Links for the day
Gemini Links 17/05/2025: Happier on Gemini and Manipulating Reddit: Links for the day
ComEd and Microsoft: A Mess of Spaghetti Held Together By Circus Clowns: Reprinted with permission from Ryan Farmer
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Friday, May 16, 2025: IRC logs for Friday, May 16, 2025
Links 16/05/2025: Microsoft Sacks Pregnant Women, People Fired on Their Birthday; Adobe Censorship Failing: Links for the day
Gemini Links 16/05/2025: "Repairing Our Way out of Commodity Fetishism" and Pre-librebooted Computers: Links for the day
The SLAPPs From Microsofters Distract From Serious Copyright Infringement by Microsoft and Apparent Business Crimes: Aside from other issues, such as strangling women
Enshittification is Everywhere: You Pay More, the Services Get Worse: "Enshittification" is a term coined by an online friend; I increasingly use this term to describe what's happening even outside the realm of technology (which it was adopted to describe)
Microsoft Reduces Office Space Ahead of More Waves of Mass Layoffs: "The Gerstnerisation of Microsoft"
Anti-Linux FUD Produced by Microsoft LLMs to Blame "Linux" for Microsoft's Own Failures: We call out some of the worst culprits
Gemini Links 16/05/2025: Hoking GPS, Grabovac, and Tanana: Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Thursday, May 15, 2025: IRC logs for Thursday, May 15, 2025
Microsoft WARN Notices Proliferate in the United States: From what we've seen, this wave was more than 3% (a lot more) and the next wave/s will be even bigger (possible as imminent as weeks from now), based on insider leaks
Links 15/05/2025: Google Betrays Publishers Again, Openwashing by Sysdig: Links for the day
Richard Stallman Still Respected by Many in the Libre Graphics Community: Richard Stallman and Professor Moglen never harmed anyone
If You Read Techrights, Then You Probably Want to Read Tux Machines as Well: That site is more active than this one
Gemini Links 15/05/2025: Forced Music in Publicly Accessible Space and ~silv is Online: Links for the day
Links 15/05/2025: KOSA Censorship (USA Becomes More Like KSA) and More National Cuts: Links for the day
Bing Might Shut Down - Just Like Skype Did - Some Time in the Coming Months/Years (Parts of It Already Shut Down): they try to bring the losses under control
Your Real Ally Would Not Defend the Company of SLAPP and Strangling of Women: who's left to tell us what's true?
Breakdown of Microsoft Layoffs Shows It's About Cost, Not Performance or Hype (Like "AI"): MSN (Microsoft) reposted this with some unnecessary spin
The Lawyers Working for the Serial Strangler From Microsoft on SLAPPing Techrights Have Apparently Lost Their Voice: the moment we mentioned that their media lawyer is leaving they went all quiet in social control media
At IBM, Relocation Can be a Trick or a Trap (IBM Gets Rid of Staff Under the Guise of "Relo"): IBM is not being honest with employees
Microsoft Rumours: This Week's Scale of Layoffs "Higher Than Reported" and More Coming Soon ("A Lot More Severe" Than May's): The "3%" figure is false
Slopwatch: Sloppy Brian, Brittany Slop, and General Observations: Creative people don't need slop; there's just nothing good about it, slop appeals to lazy people careless about quality
Over at Tux Machines...: GNU/Linux news for the past day
Beyond Mass Layoffs at Microsoft: Entire Units Shut Down for Good: And it's far from over
Links 15/05/2025: Crikvenica, Analog Computer, and Slop 'Hallucinations': Links for the day
IRC Proceedings: Wednesday, May 14, 2025: IRC logs for Wednesday, May 14, 2025