Code Posted For New IE Exploit

PC World is reporting that two days ago hackers posted code for a new vulnerability in Internet Explorer that could allow drive-by takeover of a vulnerable PC. Security companies say that no exploits using the "daxctle" vulnerability have yet been found in the wild, but they are taking the new threat seriously. Symantec calls the bug "critical" and Secunia rates it highly critical, the most severe rating. The hackers who posted the sample code, xsec.org, refer to it as a "0day" exploit. The article quotes another security expert who calls this label "a stretch." Update: 09/17 18:00 GMT by C :Fixed link to XSec. Thanks for pointing that one out, folks.

Wrong Link in Subject

[Anonymous Coward]

That's xsec.org [xsec.org] not xsec.com

Re:

[WilliamSChips]

What does the goatsecant of x have to do with anything?

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[Bing Tsher E]

What the hell is this 'vim' crap? vi is a 30K binary on my system (NetBSD) not some bloated third-party clone.

Dupe!

[Overly Critical Guy]

I call dupe! Slashdot just reported on an IE exploit, and before that, had another IE exploit post. They do this every month, in fact. Why don't these editors do their jobs and stop reporting the same story repeatedly?!

Moo

[Chacham]

Another ActiveX exploit. *yawn*

If you want to be safe in IE, turn off ActiveX from untrusted sites. Hasn't this been known since day one?

News would be if ActiveX was tested and found to be safe.

Re:

[cubicledrone]

Oh noes! Don't criticize teh billywindows! The PC Magazine fanzorz will moderate troll troll troll.

Ah yes. PC Magazine. Where Macs don't exist and "power-hungry" appears in every third headline.

Re:

[Bing Tsher E]

Well, to be fair, PCs only exist as limp parodies of the real thing in MacWorld and other Mac-only publications.

how to detect an untrusted site ..

[rs232]

"if you want to be safe in IE, turn off ActiveX from untrusted sites"

How do you know what is or is not an untrusted site.

How in any way is that comment "insightful".

Re:how to detect an untrusted site ..

[SLi]

Huh? If you don't have any specific reason to trust it, it's untrusted. I would have thunk that's Internet 101.

Re:

[Tim C]

How do you know what is or is not an untrusted site.

That's easy. If you have to ask yourself "do I trust this site?" then the answer is no.

Re:

[jonadab]

All sites by default are untrusted sites. The system administrator can add specific sites (e.g., the corporate intranet) as trusted, and then those sites can use ActiveX, but you should NOT have ActiveX enabled for random sites on the internet. That would be very unsafe.

Re:

[dvice_null]

There has bee reports about trusted sites being hacked and spyware/viruses being planted on them. So there really isn't a thing called "trusted site". So if you want to be safe in IE, switch to Linux. If you want to be almost safe in IE, don't use it. I recommend Firefox instead.

Re:

[trezor]

Switch to Linux and watch all my applications which I need to do my job fail. Yes, that sounds like a plan. For the record I'm a .NET developer who needs Visual Studio and SQL Server to do my work.

You may find it hard to believe but Windows is a pretty damn secure OS, given that the one using it knows what he's doing. I'm not using MSIE, I'm not using Windows Media Player. And I have yet to have my machine BSOD, get infected with spyware/virus nor have to reinstall it periodically because it's unrespons

Re:

[Millenniumman]

I'm sorry, but you're wrong. Linux is much more secure for most users. If you can't install the OS, and use it, you won't have any security problems.

Re:

[NoTheory]

yes, and you can reduce your risk of car accidents by moving into the middle of the sahara desert. The statement may be true, but it's not very useful. As for grandparent, so you develop w/ .NET, that's great for you too. I believe that VS is in the WINE list of apps. You've picked your platform, but that doesn't mean that you've got rock-solid justification for it. Ultimately the platform you pick is about your laziness, and what you want to be lazy about.

Re:

[Reaperducer]

Strawman!! Strawman!!

Sorry... I got carried away there. Everyone else on Slashdot misuses that term. I didn't want to feel left out.

Re:

[Reaperducer]

I have yet to have my machine BSOD, get infected with spyware/virus nor have to reinstall it periodically because it's unresponsive. My system is working excellently and does what I want it to do

That's great. But what if you want to use it on day two?

Moderators on crack

[trezor]

Me saying that Windows, the worlds most used, sold and deployed user-focused OS, can be used relatively securely, and that people should choose the tool/OS that does the job that needs doing best, I get modded troll, while a Linux fanboy claiming that Linux solves all problems in the world, regardless of what the actual job at hand is (without any actual backing ofcourse) doesn't.

Great job, mods! Now you can mod this offtopic, trolling flamebait. I'm sure that the burning karma will fit right into your

Re:

[vhogemann]

A better alternative would be not use IE at all.

I know most users just don't care, or don't know better. But what about developers and companies? These should be treating IE like a plague, and using it only when there's no other suitable alternatives, on a sandboxed environment.

I used to care about IE compatibility when I designed my pages... but not anymore. I realized that most business already expect some kind of requirements for the software you sell or build for them, mine is a modern browser, with dec

Re:

[Chacham]

ActiveX should be dead and burried by now.

Perhaps you mean ActiveX on untrusted sites. On an intranet especially, or certain trusted sites, it can be invaluable.

Re:

[x2A]

...and instead use one of the many other browsers that never has any bugs 'n exploits, like erm... errr... um... anyway, yeah, then you'd be totally secure!

Re:

[kula.shinoda]

That wouldn't be news, it would be fud :)

Re:

[n0-0p]

A 0-day refers to an undisclosed vulnerability; however, some people have stretched the definition to mean unpatched vulnerability. It's considered a stretch because an unpatched vulnerability is still known, so precautions can be taken. With a true 0-day vulnerability/exploit, you would have no knowledge of the issue and no way of protecting specifically against it.

Re:

[mattpalmer1086]

No, 0-day refers to an exploit that is released the same day as the vulnerability it exploits is announced. If the vulnerability hasn't been announced at all, it's not a 0-day exploit.

Since /.'s already turned into bugtraq...

[mobby_6kl]

why not post these:

Linux Kernel SMBFS CHRoot Security Restriction Bypass [securityfocus.com]
Linux Kernel SCTP Multiple Remote Denial of Service [securityfocus.com]
Apple Mac OS X KExtLoad Format String Weakness [securityfocus.com]
Mozilla Firefox JavaScript Handler Race Condition Memory Corruption Vulnerability [securityfocus.com]

Re:Since /.'s already turned into bugtraq...

[elronxenu]

Perhaps because the first bug you mentioned was posted 4 months ago, you can resolve it by upgrading your kernel, and almost nobody would run an application chrooted under an SMBFS network filesystem anyway.

The second bug is only a DOS, it won't give an attacker sweet r00t permissions. And it's also 4 months old news.

The third bug doesn't result in any privilege escalation because the kextload program isn't setuid, you'd need to find some other vulnerability in a program which uses kextload.

And the fourth bug is a month old already, hasn't been proven to be exploitable (more likely to simply crash firefox), and is easily resolved by upgrading firefox.

Re:

[Mixel]

Okay, one of my few attempts to be funny... and I totally fuck up. Figures. I hate sensitive trackpads. Won't be trying this again for a while.

Re:

[Bing Tsher E]

You won't be trying what? Posting off-topic side comments with your +2 enabled? You just did it twice in a row.

People: check on 'No Karma Bonus' when posting side comments. Your every word does NOT warrant being made at +2.

Re:

[Millenniumman]

You're merely jealous that you don't have excellent karma. :D

Re:

[Bing Tsher E]

bullshit. there's a setting in the preferences to default your comments to 1, and turn off the +1 for 'karma'.

(and you thought you were gonna bait me into using the +1 to reply to your troll, huh?)

September 13, not September 15

[Infosec Geek]

Since this was dated September 17, make that four days ago, not two.

Check the date on the xsec.org page referred to, daxctle2.c [xsec.org]. milw0rm 2358 [milw0rm.org] was a re-publication of this, also posted up on 09/13/2006. Republication happened at other exploit advisory sites as well, such as the SecuriTeam(TM) site, where, for some strange reason, the exploit was published twice, redundantly.

The formal vulnerability advisories SA21910 [secunia.com] and FrSIRT/ADV-2006-3593 [frsirt.com], from Secunia and FrSIRT respectively, posted on 09/14/2006

Re:

[RAMMS+EIN]

``the exploit was published twice, redundantly''

And you are repeating yourself, twice, redundantly, saying the same thing multiple times without adding new information. ;-)

Re:

[Technician]

Assuming, of course, that one considers it wise to use MSIE at all, given a choice. But PHBs from coast to coast have left many millions of cube inmates with exactly that: no choice.

Many of us cube inmates use IE as required internaly as required. On break, we re-boot into a live Linex CD and are unable to log into the corp domain, but happly point firefox at the corp autoproxy and surf away.
It is safe for the corp as nothing is saved to disk. I love Ubuntu for this.

Firefox 1.5.07?

[jiushao]

Considering that Firefox is the more common browser on Slashdot, how about doing a story about Firefox 1.5.07 fixing four separate critical heap corruption exploits and an honest to god RSA signature spoofing exploit? These stories about IE exploits comes off as pure Microsoft-hate masturbation.

Re:

[makomk]

Considering that Firefox is the more common browser on Slashdot, how about doing a story about Firefox 1.5.07 fixing four separate critical heap corruption exploits and an honest to god RSA signature spoofing exploit?

Key word: fixing. As far as I can tell, this security hole is currently unpatched.

Re:

[jiushao]

Granted, now they are fixed, but the exploits were known for at least several days before the update was made available (and another few days before the automatic updates picks up on it). Similiarly we can probably expect a Microsoft patch within a week (as has been the typical delay for more critical problems for some time, granted, the WMF exploit took 9 days, but that unfortunately happened during the holidays).

Re:Firefox 1.5.07?

[Pecisk]

Propably because there is code in the wild for this exploit and bug itself is still unfixed?

Re:

[RonnyJ]

That's contrary to what the second line in the summary says, though you've still been modded up despite posting no evidence to back your claim up.

Security companies say that no exploits using the "daxctle" vulnerability have yet been found in the wild

You can make an exploit if you want to

[MarkByers]

Security companies say that no exploits using the "daxctle" vulnerability have yet been found in the wild

But code that could be used to create an exploit has been posted, which is what I think GP was referring to.

Re:

[Vexorian]

So you are saying that just to avoid people like you to call slashdot a ms-hate central, slashdot should avoid to publish an story about a new IE exploit even though it is news for nerds and stuff that matters?

Boy , you must accept that this news item wasn't biased, it didn't come with the standard "It seems that MS screwed it again" nor any other POV , and the exploit does exist. So why get so offended?"

Re:

[RonnyJ]

The presence of this news item doesn't show bias.

However, I would suggest that the lack of news items regarding security flaws in Firefox does show bias.

Re:

[Bing Tsher E]

No, I think he is saying that articles like this shouldn't be of much interest to the Slashdot community, since we're not stuck using IE. All these topics are for is to poke fun at Microsoft.

I don't agree that this is the only reason the articles are published (for one thing, Slashdot is stacked with people who claim to be OSS-advocates who are probably browsing the site on their Mom's computer running Win Me and they get sent to their room if they install anything they downloaded on it).

winpologists out in force

[rs232]

Slashdot has done stories on bugs in Firefox. See ..

Slashdot | 611 Defects, 71 Vulnerabilities Found In Firefox [slashdot.org]

Firefox Analyzed for Bugs by Software [slashdot.org]

Spyware Disguises Itself as Firefox Extension [slashdot.org]

I'v also noticed how the same kind of comments from the Winpologists get modded up very quickly.

was Re:Firefox 1.5.07?

Re:

[jiushao]

There is no apologizing for exploits, it is bad whoever has them. On the other hand the nature of the last round of exploits in Firefox is rather really interesting, and as such newsworthy. The cryptographic signature exploit especially warrants a rather interesting technical discussion.

Re:

[rs232]

Yea, "On the other hand .." lets not talk about bugs in IEXPlorer.

That RSA exploit probably appears elsewhere...

[tjwhaynes]

On the other hand the nature of the last round of exploits in Firefox is rather really interesting, and as such newsworthy. The cryptographic signature exploit especially warrants a rather interesting technical discussion.

If you are interested in the work on RSA signatures, check out this OpenPGP posting [imc.org]. The chances are that there are other RSA signature implementations out there that are vulnerable to this sort of subversion and it will be interesting to see what other products actually publish fixes an

Re:Firefox 1.5.07?

[Wylfing]

Considering that Firefox is the more common browser on Slashdot, how about doing a story about Firefox 1.5.07 fixing four separate critical heap corruption exploits and an honest to god RSA signature spoofing exploit? These stories about IE exploits comes off as pure Microsoft-hate masturbation.

OK, smarty, I will explain the difference to you. On one hand we have Firefox, which is a piece of software that is free in both senses, and you can use it, or not use it, or delete from your system, or whatever you want. On the other hand we have Internet Explorer, which is forced upon you via "leveraging," you cannot remove, and you must use because of contrived tie-ins to fundamental system functions.

If there is an exploit for Firefox, I can shrug my shoulders and use any of a dozen other browsers to look at web pages until it gets fixed. Or I can choose to continue using Firefox anyway, despite the risk. It's my choice. However, if there is an exploit in Internet Explorer, I am just plain screwed. I can't switch the goddamn thing off or remove it. Hell, there are plenty of applications and services that will gleefully launch IE of their own accord and start loading internets from God knows where, and there's no way for me to stop it. Because of Microsoft's predatory practices, I have no choice in the matter (except to abandon Windows altogether, which is also not an option -- see how all my choices have been removed?). You're damn right people are a lot more upset when exploits turn up in IE. We are required to suffer the fallout from them.

Re:

[RonnyJ]

You didn't actually address anything of the issue raised about Slashdot covering IE security issues more than Firefox issues, instead you went off on a wild tangent about how IE is integrated into the system.

Sure, you can talk all you like about Firefox and other browsers being optional, etc., but that's not the issue being raised.

Re:

[cloudmaster]

Someone else already mentioned that Firefox bugs actually get *fixed*, and often don't have exploits available until after they're disclosed.

This bug is with a required piece of system software that you can't turn off, *and* it's not fixed yet, *and* there is a working exploit available. If you can think of other similar situations that aren't reported, please, feel free to submit them. Otherwise, your apples don't belong in this orange tree.

Re:

[ultranova]

You didn't actually address anything of the issue raised about Slashdot covering IE security issues more than Firefox issues, instead you went off on a wild tangent about how IE is integrated into the system.

Slashdot covers IE security issues more often than Firefox security issues because IE gets new exploits much more often than Firefox, and since IE is used in a lot more machines than Firefox, IE security issues have far more potential for destruction than Firefox security issues, making them more ne

Re:

[suv4x4]

If there is an exploit for Firefox, I can shrug my shoulders and use any of a dozen other browsers to look at web pages until it gets fixed. Or I can choose to continue using Firefox anyway, despite the risk. It's my choice. However, if there is an exploit in Internet Explorer, I am just plain screwed. I can't switch the goddamn thing off or remove it.

I'm getting tired of explainint this, but here we go again: do you notice the shiny E on your desktop? This is IE. Now, if you're thinking of double clicking

Re:

[AmberBlackCat]

I don't know. I've been running Windows with Internet Explorer ever since I was playing with dolls and I've never had my system compromised by any browser exploit. I think all the people who defend Firefox and Linux by saying "this is pure fud" are just as likely to spew their own "fud".

Re:

[Anonymous Coward]

RTFM.
IE cant be removed.
IE is not only used for web browsing purposes, but started and used for and by quite a many applications.
How's the Windows Update doing without IE ?

Re:

[archen]

Although you cannot remove IE you can secure your system then choose not to use IE. If you turn on content advisor then only allow windowsupdate.com you can block pretty much all IE internet access (in theory). You can then remove IE in add-remove programs which just deletes all the icons to IE - can still be launched through iexplore though. Lastly if you want to manually use windows update, create an mmc snap in pointing there.

Re:

[Hercules Peanut]

Considering that Firefox is the more common browser on Slashdot, how about doing a story about Firefox 1.5.07 fixing four separate critical heap corruption exploits and an honest to god RSA signature spoofing exploit? These stories about IE exploits comes off as pure Microsoft-hate masturbation.

I don't know, perhaps because they were fixed??

Re:

[jiushao]

Sure, after a week of them being public knowledge (a few days for the fix to turn into a release, another few for the release to get out the door), which, coincidentally, is largely the same turnaround that Microsoft has had on serious flaws as of late.

Re:

[isorox]

Considering that Firefox is the more common browser on Slashdot, how about doing a story about Firefox 1.5.07 fixing four separate critical...

Because the first I, and many or most firefox users, heard about the bugs, was when Firefox told me that a bug fix was waiting to be installed. By the time I got to slashdot, it wasn't news, or a threat.

"not a 0day exploit"

[wfberg]

The reason it's not a 0day exploit is because some other dude already discovered the vulnerability, but didn't disclose it to the public? And that second guy is sitting on another 3 or 4 vulnerabilities?

I'm sorry, what's the definition of 0day exploit these days? If not exploit code for which there is no patch available, then what?

Can we now use "responsible disclosure" to argue away the fact that actual computer systems are at risk of being exploited right here and now, by saying "yeah, well, you got rooted and all, but we knew about that bug, so it doesn't count, even though we don't have a patch yet."?

Can we now take comments that the programmers left in the code ("// does this work?" "/* coded while druk */" "//BUGBUG") as an excuse to completely ignore actual vulnerabilities?

And hey, if TWO researches come up with this vulnerability seemingly independently, what are the chances of the exploit already circulating in the black hat community? Close to 100%?

By my definition you've got your negative-day and your zero-day exploits. Negative-day exploits; no patch yet. Zero-day; the patch has just been issued, so might as well give your exploit to scriptkiddies and botnet operators to use on the systems that don't patch early/often enough. Obviously, a negative-day exploit usually isn't going to be used on a large scale, because your average blackhatter wants to keep it in his toolkit to attack well-patched systems; after all, it's what gives him (and his leet skillz) an edge. Once patchday arrives, you might as well give it to some noobs, because they might be interested in unpatched targets, while a leet blackhatter is not.

So no, it's not a "stretch" to call it 0day. It's negative day, even.

Re:

[n0-0p]

I think your definition of zero day is ops-centric, and not security-centric. In this post [slashdot.org] I give the generally accepted definition in the security community, which agrees with Moore's statement. To summarize, the security community only uses 0-day to refer to undisclosed vulnerabilities, and it does not address patch lag.

Re:

[wfberg]

Undisclosed to whom? The second guy seemed to be sitting on the vulnerability. He might've disclosed to Microsoft, but has the public learned of this vulnerability before? If not, they can't be taking any precautions.

Re:

[n0-0p]

I assumed the qualifier was understood; I meant publicly disclosed, not just disclosed to the vendor. Also, I'm not sure if you're familiar with how disclosure works, but it's not in Moore's best interests reveal that he's sitting on vulnerabilities unless he intends to disclose them soon. So he may be practicing responsible disclosure and allowing the vendor a reasonable amount of time to complete a patch. Or he may have other reasons for waiting.

Security disclosure in general is a pretty complicated ga

Re:

[wfberg]

I assumed the qualifier was understood; I meant publicly disclosed, not just disclosed to the vendor. Also, I'm not sure if you're familiar with how disclosure works, but it's not in Moore's best interests reveal that he's sitting on vulnerabilities unless he intends to disclose them soon.

In this case, it seems like disclosure isn't working - particularly "responsible" disclosure. Otherwise no one would be reporting vulnerabilities that others *claim* are already known (by whom? not the guy claiming the 0da

Re:

[edxwelch]

You're right it *is* a zero day exploit. There have been quite a lot of them reciently, but they haven't done much damage because they depend on the user to navigate to a malicious web site with IE and activeX switched on.
What would really be a lot of fun is a Blaster-type zero day worm.
(If you remember blaster only required the user to connect to the internet to be infected)

Re:

[spinja]

The reason I don't consider it "0day" is that a public tool exists that will discover this bug in its default configuration (AxMan). Anyone who took the time could run the tool, discover the bug, and write the exploit. The tool was released on August 1st and this particular bug was reported to Microsoft in late July. Since all of this information was *widely* publicized at the time of release ( a couple dozen articles on AxMan [blogspot.com] ), I have hard time considering any of the bugs it turns up "0day" in the normal

Does not affect IE7

[I'm Don Giovanni]

This does not affect IE7:
http://blogs.msdn.com/ie/archive/2006/09/15/756736 .aspx [msdn.com]

(Just for edification. ;-))

Re:

[rs232]

Yea, by disabling ActiveX and removing Direct Animation. But does that actually fix the defects in the controls themselves.

Re:

[The MAZZTer]

I tried a bunch of ActiveX vulnerabilities for IE6 in IE7. Some didn't even work in IE6 (probably because I didn't have Office or some other MS ActiveX controls). Only 2 out of 15-20 worked in IE7.

Re:Yes, this affects IE7 but you are prompted

[Psykechan]

Your link points out that IE7 is vulnerable but it will prompt you to run the ActiveX control before hosing your system. From the average user's point of view, they get a message asking to run something created and signed by Microsoft for the page to load. Tell me how many average users, even the relatively computer saavy, will allow the control to run?

Throwing a constant barrage of OS/browser security pop-ups on the screen does not make it secure. Making it so that at exploitable control can be completely removed and not just "effectively removed" from the system helps make the system more secure but this is just a workaround. If the control was designed to be able to grant system level privileges to a web page than it's time to go back to the proverbial drawing board.

If it wasn't designed that way, then patch it when you first hear about it over a month ago [securityfocus.com] and stop complaining about people releasing it to the public. I would rather have everyone know about it than have just Microsoft, a few security people, and several black hats knowing.

vulnerability??

[azman075918]

I'm new here. Just want to add my comment about vulnerability. I think most of the user world wide doesnt even care about vulnerability in IE. Only some of the user that are really care about this are taking action such as patching or reporting of the velnerability. All their know is just the IE can run as it suppose to be. Some says that using Firefoq is good but if the user dont even updated, there are also vulnerability there. I still remember one of my friend doesnt even know that his pc has already b

Re:

[dvice_null]

That's why Firefox has autoupdate. People who even don't know what a security update is, are getting updated automatically and usually within a day or two from the security release. (I have seen questions in Firefox supports forums from people who are asking what was that update thing all about they saw, which should be a proof about people getting updated, whether they understand or not. ).

Re:

[gigne]

Welcome to Slashdot. Prepare to spend lots of time reading meaningless articles such as these.

As for your comment... No, users don't care as long as it works. Most people I know with ie as their main browser have all kinds of crap installed. Those annoying toolbars, flashing smileys, and popups all over the place. There is no educating these people, as they don't care to be educated. They see the windows box as a magic device that "should just work" regardless of how reckless they are with their browsing ha

IE Vulnerability Attack by '0day'

[IT074859]

The codes posed by the hacker will not affect the IE Version 7. The 'Oday' meaning an exploit for a previously undisclosed vulnerability. According to HD Moore, the head of the Metasploit project, he wrote an automated ActiveX testing tool called AxMan that uncovered a handful of IE bugs, including the one exploited by on xsec.org. The trouble affects users running IE 6 with Service Pack 1 on the Windows XP operating system running Service Pack 1 or the Windows 2000 operating system with Service Pack 4. T

Re:

[udippel]

New here ?

In case you don't know, there's a Preview Button and 'Plain Old Text' if you don't happen to know HTML.

Real Damage

[nurb432]

what ever happened to exploits ( be it virus, trojan, whatever ) that cased some REAL damage?

All this whimy-ass 'botnet' garbage needs to end. We need something that totally kills windows when you get infected. Get the people pissed off enough to force microsoft into doing something.

Re:

[(H)elix1]

what ever happened to exploits ( be it virus, trojan, whatever ) that cased some REAL damage?

3. Profit. Folks found there was money to be made off of a bot net under your control. Not uncommon to see an infected system patch itself so others can't infect the system.

Profit

[nurb432]

There has to be some evil person out there that hasnt sold out to the man... In my day, it was the challenge of doing someting that drove us, not the recognition.. ( be it money or peers )

Re:

[account_deleted]

Comment removed based on user account deletion

Re:kills windows

[canuck57]

All this whimy-ass 'botnet' garbage needs to end. We need something that totally kills windows when you get infected. Get the people pissed off enough to force microsoft into doing something.

I for one am actually surprised this hasn't happened yet. Say a worm that infects 20 others then formats the hard drive. Or perhaps break into a botnet (they are not that secure) and wipe some millions of Windows PCs at once. It would not be hard to do, let your Windows get infected, figure out how they control it

Re:

[99BottlesOfBeerInMyF]

I for one am actually surprised this hasn't happened yet. Say a worm that infects 20 others then formats the hard drive. Or perhaps break into a botnet (they are not that secure) and wipe some millions of Windows PCs at once. It would not be hard to do, let your Windows get infected, figure out how they control it and go off and get control. Time will tell, but I suspect sooner or later someone is going to do it.

Yeah but who will notice? Windows is hosed and won't boot? Well, time for a re-install. Honey

Re:

[owlstead]

"All this whimy-ass 'botnet' garbage needs to end. We need something that totally kills windows when you get infected. Get the people pissed off enough to force microsoft into doing something."

Stop nagging and start typing.

Re:

[nurb432]

Sorry, but too much risk. One thing about growing old is you leave that sort of risk taking to the new kids..

Since when is 0-day open to interpretation?

[shaitand]

Either they released the exploit code before the hole was patched or not.

One thing I don't understant...

[RobertM1968]

...Is why these exploits and vulnerabilities are labelled "new".

They aren't new. Maybe they have just been found, but on a product that's been out so long, the exploits have been too (unless of course they were introduced by a fix or update recently). I know it's just improper usage of the English language - kinda like the "new" planets we've found (that have been around for billions of years).

The problem is, this creates a misconception in the casual user's mind as they think the exploit is new instead o

Re:

[VGPowerlord]

English is known for having more than one meaning for any given word. For example, here's the first two definitions of new [m-w.com] from Merriam-Webster.

1 : having recently come into existence : RECENT, MODERN
2 a (1) : having been seen, used, or known for a short time : NOVEL <rice was a new crop for the area> (2) : UNFAMILIAR <visit new places> b : being other than the former or old <a steady flow of new money>

There's several other definitions for new on the same page.

Re:

[RobertM1968]

True - but those are all context based. By definition (whichever you choose) the proper wording would be new(ly) found exploits, et al - as in the definitions you cited, there are modifiers such as "new crop " for the area" and "visit new places" is based off the perspective of who it is targeted towards (visiting New York might be visiting a new place to you, but not to me). The same with "a steady flow of new money" which is also based off the perspective of who the new money is flowing to/from.

We all kn

Check out Microsoft's other screwups

[yubbers9]

They're here: http://malfy.org/ [malfy.org]

Gangsta h4xx0rz

[wboelen]

drive-by takeover

Yeah homies let's go pop them unsuspecting computer users with da intratubes! Show 'em what bangin' is about.

Critical and Highly Critical?

[ninja_assault_kitten]

If that's what they're calling a vulnerability that requires user interaction, what would they rate something like a modern day Sapphire or Blaster? Give be a break. It's just another browser hole with exploit code in the wild. Medium severity at best.

The real difference between Firefox and MSIE

[Myria]

If you look at Firefox security bugs and IE security bugs, you'll see that there are more Firefox bugs than MSIE bugs in the exploit lists. There is, however, a big difference.

When Microsoft finds a security hole themselves, they don't tell anyone, and they don't release a patch. They fix it in the tree for the next release of the OS. The only time they release a patch is when someone else finds the bug. The reason they do this is because if they release a patch, people will "bindiff" it against the previous version and find what is changed so that they can make exploits to use against unpatched users. You can't realistically "bindiff" XP vs. Vista, so they can obscure their security updates inside Vista.

Firefox instead will issue patches no matter who finds them. This is why Firefox appears to have more bugs - you always see them get fixed.

Melissa

Plugin for IE

[univgeek]

Or whatever they are called.

Why do people use IE? Mostly because of Intranet sites which server up IE only content and work badly or not-at-all with other browsers. How 'bout an IE plugin which opens only Intranet/trusted sites in IE and opens all else in an external safe browser? Or is this unlikely to be useful?

Re:

[Verunks]

you can use ietab [mozdev.org] to embed ie into firefox and use it when you wish or automatically use it when you go to some sites like windowsupdate or other custom sites

Safety first...

[sii074306]

IE does not safe anymore.
why hacker were borned in this world?
why they do not do anything else than hack?

Re:Eh?

[LaughingCoder]

OK, I'll answer the question. About 75% of web users still use IE.

If you are a sys admin, or a web admin, Deal.

Re:

[rolandog]

In capitalist America, your computer can have 'safe sex' by using the Firefox condom and taking the 'NoScript' pill.