Another Week Goes by and Internet Explorer Users Still Ripe for Hijacking

Dr. Roy Schestowitz

2009-11-29 15:44:14 UTC
Modified: 2009-11-29 15:44:14 UTC

Summary: Microsoft leaves Internet Explorer users high and dry for weeks, having not addressed a zero-day flaw that compromises the entire operating system

LAST week we wrote about the Internet Explorer zero-day flaw -- a flaw which Microsoft has not resolved yet. IDG writes:

Hackers working on the open-source Metasploit project have spiffed up a zero-day attack on Microsoft's Internet Explorer, making it more reliable -- and more likely to be used by criminals.

Security experts have been worried about the flaw since it was first disclosed on the Bugtraq mailing list Friday. But the original demonstration code was unreliable and has not been used in real-world attacks.

But then came this IDG report, an advisory (not the same as patch), and SJVN wrote:

Earlier this week Microsoft announced yet another IE (Internet Explorer) bug. This one, Microsoft Security Advisory 977981, is one of the really bad ones that can allow attackers to take your Windows PC over. Yuck!

[...]

I think your best move to keep the world from sneaking in some malware over your browser is to get the latest versions of Firefox 3.5.5 or Google's Chrome 3.0.x Web browser. Neither is perfect, but they are better than IE. I wish I could recommend Opera, but I continue to have real concerns about Opera's built-in Web server security.

Indeed, this is an opportunity to recommend that people secure themselves by moving to another Web browser. Microsoft Thurrott does Microsoft's "damage control", having previously incited people against rival Web browsers like Opera. Other coverage includes:

● Exploit code targets Internet Explorer zero-day display flaw

● New Security Flaw Hits Internet Explorer 6 & 7

● New attack targets weakness in Internet Explorer

● Microsoft Issues Internet Explorer Security Advisory

This is pretty serious.

Microsoft on Monday said it is investigating a possible vulnerability in Internet Explorer after exploit code that allegedly can be used to take control of computers, if they visit a Web site hosting the code, was posted to a security mailing list.

No report about a patch has been published yet. So, a good solution would be abandonment of Internet Explorer. ⬆

Smelling an opportunity

Recent Techrights' Posts

Links 20/04/2026: Chatbots Motivate Manslaughter, GAFAM’s ‘Tobacco Moment’: Links for the day
The Corrupt Lecture the Non-Corrupt - Part II - It's About Politics, Not Science: Tomorrow we'll discuss what the cocaine proponents (or apologists) deem to be "ethics"
SLAPP Censorship - Part 52 Out of 200: Phil Golding Appointed Bar Standards Board (BSB) Chief, Misogyny Must End: How many rules will they "bend" or even breach?
FOSS Linux (fosslinux.com) Has Become a Slopfarm: Slopfarming is the last incarnation of sites that die or are dead
Gemini Links 21/04/2026: NeoVim, GeminiMDB, and Another New Gemini Client (Called Titan II): Links for the day
Links 21/04/2026: Internet Shutdowns, Bluesky Crippled by DDoS Attack: Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Monday, April 20, 2026: IRC logs for Monday, April 20, 2026
3,400 Gemini Capsules Accessible and Known to Lupa, A Geminispace Crawler: We're about to exceed 3,400 some time soon
When and Why I Quit Writing "Classical" GNU/Linux Advocacy Articles: I'd love to write more about why GNU/Linux is great [...] We always try to cover unique issues and break stories (exclusives)
IBM Had Mass Layoffs Every Month This Year (Including at HashiCorp, Confluent, and Red Hat), 'Results' Due in 2 Days' Time: IBM's "media partners" seem to be engaging (propaganda and puff piece) ahead of the serenade to Wall Street
Dr. Andy Farnell on Privacy Failings and Shallow Media Coverage: Bad media paves the way for failed societies
Gemini Links 20/04/2026: Fahrenheit 451, Small Web Advocacy, and Offgrid Holdout: Links for the day
Debian Has a New Project Leader (DPL): We plan to upgrade Debian some time this month
This Morning The Register MS Published SPAM With "AI" 36 Times in It. This is What The Register MS is Paid to Publish.: It's selling out to Ponzi schemers
Throwing Rocks in Houses of Glass: Lots of "virtue-signalling" against ICE
Links 20/04/2026: Brave Origin Nightly, Scuttling USAID Gives 'Soft Power' to China, and White House Gives Money to Russia (Through Oil Sales): Links for the day
EPO Cocainegate Escalates - Part II - "Cocaine Communication Manager" Luis Berenguer is Back Without Punishment: Latest on Luis Berenguer
Gemini Links 20/04/2026: "I Hate Computers" and "Why I de-Googled": Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Sunday, April 19, 2026: IRC logs for Sunday, April 19, 2026
If You're Against War, Why Would You Pay IBM Red Hat?: Red Hat's largest clients aren't geeks; they're militaries
Uplifting Mood in Manchester: Looking behind - and ahead - after a day of relaxation
SLAPP Censorship - Part 51 Out of 200: On Perjury and What It Means to Take Third-Party Funding to Attack Reporter and His Family (in Another Continent): threats of prison sent to my wife
The Corrupt Lecture the Non-Corrupt - Part I - EPO Management Talks About "Ethics" While Cocaine Users Run the Office: Let's start with the basics
EPO Cocainegate Escalates - Part I - Cocaine Abuse in Family of Campinos (President’s Office): at the EPO's management you can do illegal drugs and still represent Europe's second-largest institution
Gemini Links 19/04/2026: Big Brother and the Telescreen, Syncing Gemini Capsule With a Makefile: Links for the day
Links 19/04/2026: Introducing “Fighting Fascism” Podcast and Kyiv Mass Shooting: Links for the day
Links 19/04/2026: Mass Layoffs at GAFAM Again (10% Laid Off), Azure Capacity Problems (Enshittification): Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Saturday, April 18, 2026: IRC logs for Saturday, April 18, 2026