Linked by Thom Holwerda on Wed 20th Jan 2010 22:41 UTC
Internet Explorer Well, that was quick. Microsoft said yesterday it would release an out-of-band security update to fix the vulnerability found in Internet Explorer which was used during the Google attacks. Today it announced the fix will be released tomorrow.
Order by: Score:
I don't know about you...
by Anon on Wed 20th Jan 2010 23:09 UTC
Anon
Member since:
2006-01-02

... but I find it almost funny that Google, of all companies, got hacked for using INTERNET EXPLORER 6.

I mean, surely they'd be using the great brower that is Chrome, or at least Firefox.

The Onion should write an article along the lines of Microsoft increases market share though supplying and use of their insecure software by compeditors.

Now we see more holes in Windows.

Microsoft really need to start from scratch and remove all that legacy shit. Start clean, write a cleaner windows with a VM layer for Win32 applications.

Edited 2010-01-20 23:16 UTC

Reply Score: 1

RE: I don't know about you...
by Cody Evans on Thu 21st Jan 2010 02:07 UTC in reply to "I don't know about you..."
Cody Evans Member since:
2009-08-14

Kind of like Midori?

It has been reported to be a possible commercial implementation of the Singularity operating system, a research project started in 2003 to build a highly-dependable operating system in which the kernel, device drivers, and applications are all written in managed code. It was designed for concurrency, and can run a program spread across multiple nodes at once. It also features an entirely new security model that sandboxes applications for increased security. Microsoft has mapped out several possible migration paths from Windows to Midori.

http://en.wikipedia.org/wiki/Midori_(operating_system)

Reply Score: 2

Not only IE6
by lemur2 on Thu 21st Jan 2010 00:10 UTC
lemur2
Member since:
2007-02-17

FTA:

Even though the actual exploit currently out there (the one used in the Google attack) only affects Windows XP running Internet Explorer 6, Microsoft still rates this vulnerability as "Critical", meaning the company takes it quite seriously.


Thom, are you aware that some security experts have come up with exploit code against this vulnerability that they claim works on IE7 and IE8 running on Vista or Windows 7?

It is just that these more advanced exploits weren't seen in the wild or used by attackers.

Microsoft are entirely correct to take this seriously.

Reply Score: 4