Linked by Thom Holwerda on Wed 25th Jan 2006 21:16 UTC, submitted by Varg Vikernes
Mozilla & Gecko clones Here is a page discussing various myths surrounding Firefox. "We have all seen these banners before or heard people say 'Firefox is faster, Firefox has lower requirements, Firefox is secure, Firefox defends me from all spyware, etc.' How misleading is it? Read on." Flame away. And be gentle. That's an order. And here's a rebuttal.
Thread beginning with comment 89727
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE
by Termal on Thu 26th Jan 2006 16:57 UTC in reply to "RE"
Termal
Member since:
2006-01-04

The WMF flaw allowed arbitrary code to be executed. There were sites in the wild actively exploiting this to install malware. If you used IE to visit such a site, you WOULD have malware installed with no interaction required.

Go see this video for yourself:
http://www.websensesecuritylabs.com/images/alerts/wmf-movie.wmv

Note that since WMF files can be embedded, the URL wouldn't need to show the WMF extension the way the one in the demo does. Everything after that point is fully automatic with a then-current XP SP2 box.

Reply Parent Score: 2

RE
by CPUGuy on Thu 26th Jan 2006 23:54 in reply to "RE"
CPUGuy Member since:
2005-07-06

An exploit is not the same thing as allowing people to install viruses and such without user intervention.... which happens to be exactly what I said.

Reply Parent Score: 0

RE
by hal2k1 on Fri 27th Jan 2006 09:19 in reply to "RE"
hal2k1 Member since:
2005-11-11

"An exploit is not the same thing as allowing people to install viruses and such without user intervention.... which happens to be exactly what I said."

Yes it is, and yes it does.

I watched that video and I thought ... what a nightmare. I wonder how many people were extorted out of $39.95 a year by that.

How can you sleep at night running a Windows system exposed to the internet?

Reply Parent Score: 1