Another Week Goes by and Internet Explorer Users Still Ripe for Hijacking

Dr. Roy Schestowitz

2009-11-29 15:44:14 UTC
Modified: 2009-11-29 15:44:14 UTC

Summary: Microsoft leaves Internet Explorer users high and dry for weeks, having not addressed a zero-day flaw that compromises the entire operating system

LAST week we wrote about the Internet Explorer zero-day flaw -- a flaw which Microsoft has not resolved yet. IDG writes:

Hackers working on the open-source Metasploit project have spiffed up a zero-day attack on Microsoft's Internet Explorer, making it more reliable -- and more likely to be used by criminals.

Security experts have been worried about the flaw since it was first disclosed on the Bugtraq mailing list Friday. But the original demonstration code was unreliable and has not been used in real-world attacks.

But then came this IDG report, an advisory (not the same as patch), and SJVN wrote:

Earlier this week Microsoft announced yet another IE (Internet Explorer) bug. This one, Microsoft Security Advisory 977981, is one of the really bad ones that can allow attackers to take your Windows PC over. Yuck!

[...]

I think your best move to keep the world from sneaking in some malware over your browser is to get the latest versions of Firefox 3.5.5 or Google's Chrome 3.0.x Web browser. Neither is perfect, but they are better than IE. I wish I could recommend Opera, but I continue to have real concerns about Opera's built-in Web server security.

Indeed, this is an opportunity to recommend that people secure themselves by moving to another Web browser. Microsoft Thurrott does Microsoft's "damage control", having previously incited people against rival Web browsers like Opera. Other coverage includes:

● Exploit code targets Internet Explorer zero-day display flaw

● New Security Flaw Hits Internet Explorer 6 & 7

● New attack targets weakness in Internet Explorer

● Microsoft Issues Internet Explorer Security Advisory

This is pretty serious.

Microsoft on Monday said it is investigating a possible vulnerability in Internet Explorer after exploit code that allegedly can be used to take control of computers, if they visit a Web site hosting the code, was posted to a security mailing list.

No report about a patch has been published yet. So, a good solution would be abandonment of Internet Explorer. ⬆

Smelling an opportunity

Brett Wilson LLP Sent Over 5 Kilograms (or Over 12 Pounds) of Legal Papers! Because Writing About Microsoft Abuses is 'Illegal'.: How do you guys sleep at night? On a big pile of Microsoft money?
Extremism as a Weapon Against GNU/Linux (Microsoft Lunduke): He ought to know the Halloween Documents. Wasn't he a Microsoft employee when these came out?
Gemini Links 09/07/2025: Extreme Testing and Golang Documentation in Geminispace: Links for the day
Vice President of the European Patent Office (EPO) Complains That Techrights Gives Visibility to Legal and Technical Issues at the EPO: "Follow-up on enquiries relating to Dir. 1218 and 1001"
Slopwatch: linuxsecurity.com and Various Slopfarms That Lie About "Linux" and Are Promoted by Google News: Google does not seem interested in tackling this problem
Links 09/07/2025: War Updates and Microsoft Moving to India to Cut Costs: Links for the day
GNU/Linux Was Always a 'Movement' of Inclusion of Tolerance: Even the licences themselves remove access barriers
Links 09/07/2025: "Subprime AI Crisis" and "OpenAI May Be in Major Trouble Financially": Links for the day
Huge Piles of Legal Papers ('Paper DDoS') Do Not Impress Judges and Regulators: they just make judges and regulators even more suspicious of the eagerness to resort to 'paper DDoS'
Lunduke Isn't Even Hiding His Anti-Linux Agenda (From "Linux Sucks" to "Linux is Pedophiles"): just trying to make a lot of trouble
Some People Use Computers to Get Actual Work Done: Tolerance and inclusion must extend to acceptance that some people don't agree with you, might never agree with you, and imposing what allegedly works for you on them is unreasonable
Example of "Old" Things That Still Work: The notion that something being "old" implies it must be discarded is typically advanced by those looking to sell more of something
Some Scheduled Maintenance Later Today: Typically the most vulnerable service during short interruptions is IRC
Computers Are Just a Tool: People don't get married because they love weddings, folks don't join the army because they love war, and most drivers don't drive to work because they love cars
Apple Way Past Its Prime: Apple deserves a decline
The FSF's SysOps Team Recovered From Serious Hardware Issue Within Hours: About half a day ago I noticed that all/most GNU/FSF sites were not reachable and thus reached out to a contact for any details
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Tuesday, July 08, 2025: IRC logs for Tuesday, July 08, 2025
Slopwatch: Turning Bugs Into FUD About "Linux", Getting Basic Facts Wrong: all the screenshots are of fake articles; we don't want to link to any
Technical Reasons, Not Politics: With Wayland "it feels a lot like Linux from 20-25 years ago, which is horrendously frustrating, because it feels like we wasted one or two decades of progress and stability": Lately, quite a few benchmarks were published to show Wayland compares poorly compared to what we had
PCLinuxOS Recovering From Fire: It looks like a nightmare scenario, where even backups onsite get destroyed
Links 09/07/2025: More Heatwaves, Officials Culled in Russia: Links for the day
Gemini Links 09/07/2025: XScreensaver and Resurrection: Links for the day
Links 08/07/2025: "Cyberattack Deals Blow to Russian Firmware" and "Cash Remains King": Links for the day
FSF40 T-shirt message: by Alex Oliva
Gemini Links 08/07/2025: Creativity, Gotify with NUT Server, and Sudo Bugs: Links for the day
More on "Lunduke is Actually Sending His Audience to Attack People": "pepe the frogs"
Links 08/07/2025: Sabotage of Networking Infrastructure, Microsoft XBox Game Pass Deemed “Unsustainable”: Links for the day
Dalai Lama Succession as Evidence That Determined, Motivated People Can Reach Their Nineties: And we need to quit talking about their death all the time
Many Lawyers (for Microsoft) and 1,316 Pages to Pick on a Litigant in Person Who Exposed Serious Microsoft Abuses: Answers must be given
Gemini Links 08/07/2025: Ancillary Justice and Small Web July: Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Monday, July 07, 2025: IRC logs for Monday, July 07, 2025
Layoffs and Shutdowns at IBM, Not Just Microsoft: Same as Microsoft
The FSF's (Free Software Foundation, Inc.) 2025 Summer Fundraiser Already Past Halfway Line: This is where GNU/Linux actually started
With Workers Back From a Holiday Weekend, Microsoft Layoffs Carry on, More Waves to Come: Now it's Monday and people are bad to work, even some journalists
Mozilla Had No Good Reason to Outsource Firefox Development to Microsoft: What does Mozilla plan to do when GitHub shuts down?
Mozilla Firefox Did Not Die, It Got Killed: To me it'll always look like Mozilla got killed by its sponsors, especially Google, which had a conflict of interest as a sponsor
You Need Not Wave a Rainbow Flag This Month to Basically Oppose Arseholes Looking to Disrupt and Divide the Community: Don't fall for it
Dan Neidle, Whom Brett Wilson LLP SLAPPed (on Behalf of Corrupt Rich Tax Evaders), Still Fighting the Good Fight: Neidle fights for the poor people
What Miguel de Icaza and Microsoft Lunduke Have in Common: Similar aims, different methods
Wayland Should Start by Dumping Its Very Ugly Logo: Wayland wins the "ugliest logo" award every year
Stop Focusing on Hair Colours, Focus on Corporate Agenda: If someone commits a crime, it does not matter if his or her hair was mostly white or there was no hair or a wig or whatever
Links 07/07/2025: Science, Conflicts, and a Fictional K-pop Group: Links for the day
Gemini Links 07/07/2025: Being a Luddite and Announcement of Gotify: Links for the day
Links 07/07/2025: XBox Effectively 'Dead', DMCA Subpoena Versus Registrar: Links for the day
The 'Corporate Neckbeard' is Not the "Good Guy": Works for IBM
The Nasty Smear (and Stereotype) of "Neckbeard" or "Greybeard" is Ageism: This is the sort of stuff they might try to volley at critics of Wayland
Why Many of Us Use X Server and Will Continue to Use It For Many Years to Come: Don't make this about politics
Microsoft's Nat Friedman Became Unemployed the Same Time the SLAPPs Against Techrights Started Coming From His Friends (Weeks After We Had Exposed Scandals About Him and the Serial Strangler, His Best Friend, Who Got Arrested a Few Days Later): Nat Friedman is not "Investor, entrepreneur"
Brett Wilson LLP Uses Threats to Demand Changes to Pages or Removal of Pages Without Even Revealing Which Staff Member Does That (Sometimes People From Another Firm!): This has been in the public for years
Dan Neidle Said "It Really Then Became a Job of Tormenting" Lawyers Like Brett Wilson LLP (Who Threatened Him for Exposing Crimes, Just Like They Threatened My Wife a Few Months Later): he and his wife decided to take on the evil people and their evil lawyers
Large Language Models (LLMs) Externalise Their Cost to the Free Software Foundation (FSF): "The forty-sixth Free Software Bulletin is now available online!"
Weeding Out Extremism in Our Community: To me it seems like Microsoft Lunduke is rapidly becoming like a "hate preacher" who operates online, breeding an extremist ideology or trying to soften its image
Censorship Versus Fact-Checking and Quality Control: It's not censorship but a matter of quality control
Reinforcing the Allegations Some More, Bryan Lunduke Digs His Own Grave: In his latest episodes he merely repeats his own lies, which I debunked using evidence right from his own mouth
Global Warming and Free Software as a Force of Mitigation: we'll need to think about Software Freedom, not just brands like "Linux"
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Sunday, July 06, 2025: IRC logs for Sunday, July 06, 2025
Gemini Links 07/07/2025: BaseLibre Numerical System and TUI Rant: Links for the day

Another Week Goes by and Internet Explorer Users Still Ripe for Hijacking

Recent Techrights' Posts