Another Week Goes by and Internet Explorer Users Still Ripe for Hijacking

Dr. Roy Schestowitz

2009-11-29 15:44:14 UTC
Modified: 2009-11-29 15:44:14 UTC

Summary: Microsoft leaves Internet Explorer users high and dry for weeks, having not addressed a zero-day flaw that compromises the entire operating system

LAST week we wrote about the Internet Explorer zero-day flaw -- a flaw which Microsoft has not resolved yet. IDG writes:

Hackers working on the open-source Metasploit project have spiffed up a zero-day attack on Microsoft's Internet Explorer, making it more reliable -- and more likely to be used by criminals.

Security experts have been worried about the flaw since it was first disclosed on the Bugtraq mailing list Friday. But the original demonstration code was unreliable and has not been used in real-world attacks.

But then came this IDG report, an advisory (not the same as patch), and SJVN wrote:

Earlier this week Microsoft announced yet another IE (Internet Explorer) bug. This one, Microsoft Security Advisory 977981, is one of the really bad ones that can allow attackers to take your Windows PC over. Yuck!

[...]

I think your best move to keep the world from sneaking in some malware over your browser is to get the latest versions of Firefox 3.5.5 or Google's Chrome 3.0.x Web browser. Neither is perfect, but they are better than IE. I wish I could recommend Opera, but I continue to have real concerns about Opera's built-in Web server security.

Indeed, this is an opportunity to recommend that people secure themselves by moving to another Web browser. Microsoft Thurrott does Microsoft's "damage control", having previously incited people against rival Web browsers like Opera. Other coverage includes:

● Exploit code targets Internet Explorer zero-day display flaw

● New Security Flaw Hits Internet Explorer 6 & 7

● New attack targets weakness in Internet Explorer

● Microsoft Issues Internet Explorer Security Advisory

This is pretty serious.

Microsoft on Monday said it is investigating a possible vulnerability in Internet Explorer after exploit code that allegedly can be used to take control of computers, if they visit a Web site hosting the code, was posted to a security mailing list.

No report about a patch has been published yet. So, a good solution would be abandonment of Internet Explorer. ⬆

Smelling an opportunity

Recent Techrights' Posts

Many Reports About Microsoft Layoffs Are LLM Slop Based on Other LLM Slop (From Microsoft-controlled LLMs That Downplay the Layoffs or Give Badly Outdated Data): The LLM slopfarms also dilute/derank actual news about Linux by pushing Microsoft Azure instead; it's a spamfest!
Gemini Links 16/03/2025: Threats to Canada and How to Process News Online: Links for the day
Links 16/03/2025: Growing Tariff Hostilities and Social Media Surveillance: Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Saturday, March 15, 2025: IRC logs for Saturday, March 15, 2025
Gemini Links 15/03/2025: Sleeping in March, Headless Raspberry Pi 4: Links for the day
Links 15/03/2025: Hey Hi (AI) Hype Waning, Microsoft and Apple Ridiculed for Vapourware: Links for the day
When You Expose Corporate Crimes, Misconduct and Lies They Harasses and Troll You. Then You Write About the Harassment and Trolling and They Allege It's "All Personal".: protect women's safety
Gemini Links 15/03/2025: Bandcamp and DST: Links for the day
Links 15/03/2025: Albania TikTok Ban, No Skinnerboxes in Danish Schools: Links for the day
Sierra Leone: Android Up to Record Highs, Windows Falls to Record Lows of Almost 5% (15 Years Ago It Was 100%): This is what happens when about 83% of Web requests come from mobile
Margarita Manterola (marga, Google) & Debian DebConf13 Swiss venue intrigue: Reprinted with permission from Daniel Pocock
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Friday, March 14, 2025: IRC logs for Friday, March 14, 2025
'India Today' is a Slopfarm, Sometimes 'Covering' "Linux" With Slop Images: New example of pure BS
Gemini Links 14/03/2025: Grizzy Bear and Prime Beats: Links for the day
Links 14/03/2025: ProPublica Admitting That It Uses Slop (Foolish Move), RIP Mark Klein: Links for the day
Windows is Fast Becoming Insignificant to Zimbabweans: based on this survey, less than 1 in 6 Web requests may originate from Windows
Rumours of IBM Layoffs Again, This Time Marketing: It's "bad marketing" to talk about layoffs
The Fall of the Open Source Initiative (OSI): The OSI Does Not Speak For You, OSI Staff Speaks for GAFAM/Microsoft (the Paymasters): they speak for proprietary software companies, but they wear "open" on their sleeve
Microsoft Money Used for Abuse of Women and Against Journalism in Support of Women (the Victims): "Never interrupt your opponent while he is in the middle of making a mistake."
Slopwatch: linuxsecurity.com and hamradio.my (in Planet Ubuntu) Are at It Again With LLM Slop About "Linux": LLM slop does not save time
Links 14/03/2025: Chinese Tensions With Australia, Putin Turns Down Ceasefire: Links for the day
Gemini Links 14/03/2025: Löjl and Docker Context Stuff: Links for the day
Links 14/03/2025: Scam Currencies in the US and Oligarchs (Including GAFAM) Controlling All the Major Policies: Links for the day
Antisemitic Attacks on Richard Matthew Stallman (RMS) in Wikipedia This Week: Did the man strike a nerve or what?
Bluewashing Ends DEI at IBM and at Red Hat (HR or Hiring Become Gender- and Race-Neutral): All that "whitelist is racist" stuff is likely a thing of the past
Links 13/03/2025: Intel Rotates Figurehead and South Korea Imports Karen People From Myanmar: Links for the day
Meanwhile at Microsoft Canonical...: Promoting proprietary surveillance by a company that actively attacks Linux in a lot of ways
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Thursday, March 13, 2025: IRC logs for Thursday, March 13, 2025