Another Week Goes by and Internet Explorer Users Still Ripe for Hijacking

Dr. Roy Schestowitz

2009-11-29 15:44:14 UTC
Modified: 2009-11-29 15:44:14 UTC

Summary: Microsoft leaves Internet Explorer users high and dry for weeks, having not addressed a zero-day flaw that compromises the entire operating system

LAST week we wrote about the Internet Explorer zero-day flaw -- a flaw which Microsoft has not resolved yet. IDG writes:

Hackers working on the open-source Metasploit project have spiffed up a zero-day attack on Microsoft's Internet Explorer, making it more reliable -- and more likely to be used by criminals.

Security experts have been worried about the flaw since it was first disclosed on the Bugtraq mailing list Friday. But the original demonstration code was unreliable and has not been used in real-world attacks.

But then came this IDG report, an advisory (not the same as patch), and SJVN wrote:

Earlier this week Microsoft announced yet another IE (Internet Explorer) bug. This one, Microsoft Security Advisory 977981, is one of the really bad ones that can allow attackers to take your Windows PC over. Yuck!

[...]

I think your best move to keep the world from sneaking in some malware over your browser is to get the latest versions of Firefox 3.5.5 or Google's Chrome 3.0.x Web browser. Neither is perfect, but they are better than IE. I wish I could recommend Opera, but I continue to have real concerns about Opera's built-in Web server security.

Indeed, this is an opportunity to recommend that people secure themselves by moving to another Web browser. Microsoft Thurrott does Microsoft's "damage control", having previously incited people against rival Web browsers like Opera. Other coverage includes:

● Exploit code targets Internet Explorer zero-day display flaw

● New Security Flaw Hits Internet Explorer 6 & 7

● New attack targets weakness in Internet Explorer

● Microsoft Issues Internet Explorer Security Advisory

This is pretty serious.

Microsoft on Monday said it is investigating a possible vulnerability in Internet Explorer after exploit code that allegedly can be used to take control of computers, if they visit a Web site hosting the code, was posted to a security mailing list.

No report about a patch has been published yet. So, a good solution would be abandonment of Internet Explorer. ⬆

Smelling an opportunity

We Are Sad to Hear the Story of Jonathan Riddell, Champion of KDE and GNU/Linux on Desktops/Laptops: I have enormous respect for Jonathan and everything he has done
UEFI "Secure Boot Doesn’t Play Nice at the Moment": UEFI "Secure Boot" does not improve security. It's an artificial obstacle in service of monopoly.
Andy Has Just Nailed It (Regarding Complexity and Failure, a la UEFI): The users no longer own or control what they buy
Compatibility Support Module (CSM) Versus GNU/Linux Simplicity: what Andy recently called "solutionism"
Links 15/09/2025: "Postal Traffic to US Down by Over 80%" and 'Smart' Spinozacampus Laundry Room Goes AWOL: Links for the day
Gemini Links 15/09/2025: Dungeon Hustle and Deleting Oneself From the Net: Links for the day
Breach of EPO's Duty of Care or Cigna Reimbursement Issues: This is the sort of thing that motivated Luigi Mangione to assassinate a CEO
Ask Ubuntu About "Secure Boot" Violation and Laptops That Don't Boot GNU/Linux: Does anyone still believe that "Secure Boot" has anything at all to do with security?
Talking About the Problem vs Talking to the Problem: Wanting an audience is never a good excuse for compromising one's values and principles
Focusing on Patents: The reason we cover the EPO so much is that it's close to home
"Secure Boot Violation": The 'Joys' of Fake Security Gone Wrong: Not everyone reboots every day
Links 15/09/2025: Russia Invades Romanian Airspace, Penske Media Sues Google Over LLM Slop: Links for the day
Links 15/09/2025: Bitcoin ATMs Scam and "Conservative Cryptography" (Backdoors Fantasies): Links for the day
EPO Imitates Microsoft: "Three Days or More Per Week" Inside the Office to Get a Desk to Work on; "the Office Breaches Its Promise Towards Staff and Acts in Breach of Its Duty of Care": The EPO serves no actual function in Europe
Links 15/09/2025: Political Affairs, Censorship, and Copyrights: Links for the day
Gemini Links 15/09/2025: Music Genres, Invisible Networks, and Akademy 2025: Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Sunday, September 14, 2025: IRC logs for Sunday, September 14, 2025
Satya's Plan B: Try to Hide the Massive Extent/Scale/Scope of Microsoft Layoffs: fewer people buy Microsoft
Red Hat News About De Facto Mass Layoffs (Bluewashing) Gone From Reddit (Censored by Gatekeepers), Still Online in The Register: With RTOs, PIPs, relocation etc. expect IBM to "shed off" many Red Hatters
Gemini Links 14/09/2025: ROOPHLOCH, Music, and Reddit: Links for the day
If You Want to "make your 'Windows PC' lean, mean, and fast" You Will Install GNU/Linux or Some BSD: That kind of article says a lot about IDG
Slopwatch: Google News Infested With Slop (About Half of the Results for "Linux" Today): This is the sort of junk one finds when looking for "Linux" in Google News these days
Links 14/09/2025: Ricky Hatton Dies and McDonald's Declares War on Tipping Culture: Links for the day
Links 14/09/2025: Disasters for CEOs Obsessed With Slop and Slop Companies School Like Fish: Links for the day
"Bad Shim Signature" (Microsoft 'Secure' Boot): "Fresh install not booting"
What Microsoft Garrett and Microsoft Lunduke Have in Common: Similar tactics, different "wings"
Links 14/09/2025: US "Economy Sagging", "Michigan Economy Wobbles From Tariffs": Links for the day
Gemini Links 14/09/2025: Minimalist Snippet Manager and Omarchy Linux: Links for the day
The Face of the Digital Far Right: Microsoft Lunduke: Microsoft Lunduke is an online extremist that belongs to and panders to the far right
20 Years Later and Academia Isn't the Same: "I never dreamed of being a professor"
'Cancel Culture' by the Right: Microsoft Lunduke Contacts People's Employers Trying to Get Them Fired: Microsoft Lunduke panders to extremists online
"Bad Shim Signature"; So 'Secure' That It Overrides Users' Preferences and Turns Itself Back on (Coercive Measure): This was a few hours ago
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Saturday, September 13, 2025: IRC logs for Saturday, September 13, 2025
Microsoft is Rapidly Dropped From Web Servers, Shows Survey: Microsoft lost about 8% "market share" in just 3 months
Many GNU/Linux Users Report MOK (Machine Owner Key) Issues in Recent Days: many people don't report this online and never post in Reddit
We Covered UEFI 'Secure Boot' Scandals. The World Listened.: To hell with UEFI 'secure boot'
Links 13/09/2025: Escalations in East Europe and POTUS’ Health Cover-Up: Links for the day
Gemini Links 13/09/2025: Lagrange Turns 5 and Lagrange 1.19.2 Released: Links for the day
Microsoft Inside Your Linux: "Security vulnerability that allowed an attacker to bypass UEFI Secure Boot.": 2 hours ago
A New Low for "Linux Journal": Promoting MICROSOFT WINDOWS Using LLM Slop: They've just jumped the shark entirely
Fake News With Fake Numbers About Microsoft: "This is what happens when the world's economy is governed by sick old men"
Slopwatch: "Google News" is Fast Becoming a Mashup of Slopfarms, Linux Journal ("LJ") is a Dump of LLM Slop: Well done, Google News. Google itself can flourish as a slopfarm mashup.
Torturing Users Who Just Want to Run GNU/Linux on Their Own PC: "Linux does not want to install"
The Register MS Still Takes Money to Hype Up "AI" in Articles by Microsoft Resellers With the Term "AI" 30+ Times in Them: Notice how many times they mention "AI"
The Apache Logo News is VERY Old, Racists and 'Anti-Woke' Bigots Look for Something to Incite Other Bigots With: Nothing to see here, move along
Linux Mint 9/11: "4th One Today..." (in Reddit): Remember that not everyone having an issue reports it to social control media like Reddit
Nepal Will Fall Without a Single Shot Fired, Thanks to Social Control Media: Or very few shots (by the authorities)
European Corruption in the European Patent Office (EPO) Targets Culture: "In reality, the project includes a new “legal instrument” shifting administrative burden and liability on EPO staff while creating new uncertainty and externalising Amicale activities."
European Authorities, Already Bribed and Infiltrated by Microsoft, Won't Help You Find BigBlueButton, Jami, Ring, and Jitsi: Because they're paid by Microsoft and are Microsoft 'addicts' themselves
UEFI Secure Boot Failing, as Expected for Nearly 15 Years Already (Techrights Said This Since 2012): in the media
Debian 9/11: people report this issue
Gemini and Web Links 13/09/2025: MElon's Slop Grift and "Autonomous Trains": Links for the day
Moving From Content Management Systems (CMSs) to Static Site Generators (SSGs) Saves You Time, Makes You a Lot More Productive: try to reduce the cost (financial and computational) of running your site
Pursuing Peace Through Violence: You cannot "see" a person's mind, until the mouth opens
Leak: European Patent Office (EPO) is Now Attacking Amicale Clubs: corruption has become the norm and scientists are robbed of any dignity
Can We Please Stop Celebrating Shooters?: "An important point to hammer on is that CoCs were never intended for uniform or symmetric application"
Oracle Fraud (or Defrauding Shareholders): "the obvious [lie] is that watts are (wasted) electricity [and] and FLOPS are computing capacity"
Geminispace is Growing Faster in 2025 Than It Did in 2024: What matters is that corporations haven't ruined it and LLM slop is extremely rare
Links 13/09/2025: China Punishes for 'Negative' Posts, US Police Unable to Find Shooter: Links for the day
Who's the Mystery Financier of SLAPP Against Techrights and Is That a Millionaire/Billionaire?: Whose idea was it to fund meritless lawsuits against my wife and I?
Slopwatch: Slow Slop Day: This distracts from or may take traffic away from the original articles, actually written by actual people
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Friday, September 12, 2025: IRC logs for Friday, September 12, 2025

Another Week Goes by and Internet Explorer Users Still Ripe for Hijacking

Recent Techrights' Posts