Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[tyreburner]

ah mai oui


Well i have also installed this fireofx thingy but i still have my email through ie7 and dont know how to change that does anyone else???

[Mr Skrunts]

Cheers Jimbob.


Allthough I must admit since using firefox I have not ventured back to IE.

[Bandit127]

I know everyone loves a scare story, but the article by the Beeb is a  bit OTT.

Here is The Register's version.
http://www.theregister.co.uk/2008/12/15/ie7_exploits/

As it stands, about 500 people worldwide have been affected. And the exploit will only nick online gaming passwords if you are unlucky enough to be affected.

IMO, Firefox (pre 3.0.4) and Safari are less secure even with this vulnerability in IE.  

There are some workarounds for IE here:
http://www.kb.cert.org/vuls/id/493881

[STMO123]

I know everyone loves a scare story, but the article by the Beeb is a  bit OTT.

Here is The Register's version.
http://www.theregister.co.uk/2008/12/15/ie7_exploits/

As it stands, about 500 people worldwide have been affected. And the exploit will only nick online gaming passwords if you are unlucky enough to be affected.

IMO, Firefox (pre 3.0.4) and Safari are less secure even with this vulnerability in IE.  

There are some workarounds for IE here:
http://www.kb.cert.org/vuls/id/493881

One in 500

[Mr Skrunts]

Would you want to be one of those 1 in 500?  or even one of the 500?

My mate haad £8000 lifted out of his account, aster he got it back he had £4000 lifted out of annother account with the same building society.

Is that a building society blunder or interent banking, we will never know as they admit nothing.

[Lizzie_Zoom]

I know everyone loves a scare story, but the article by the Beeb is a  bit OTT.

Here is The Register's version.
http://www.theregister.co.uk/2008/12/15/ie7_exploits/

As it stands, about 500 people worldwide have been affected. And the exploit will only nick online gaming passwords if you are unlucky enough to be affected.

IMO, Firefox (pre 3.0.4) and Safari are less secure even with this vulnerability in IE.  

There are some workarounds for IE here:
http://www.kb.cert.org/vuls/id/493881

One in 500

That is a hell of a lot of people out of the world's six billion population!

[STMO123]

Would you want to be one of those 1 in 500?

I dont know which is greater, 500 or 1 in 500

[Lizzie_Zoom]

Would you want to be one of those 1 in 500?

I dont know which is greater, 500 or 1 in 500

1 in 500 if it is of the whole population that uses the internet.

[Mr Skrunts]

Would you want to be one of those 1 in 500?

I dont know which is greater, 500 or 1 in 500

Re read the edited post, either way its still too many.

I would go with Lizzies post. 1 in 500 of 6 billion people is a lot.

[PaulW]

i cant use the alt+s now  

why did you use it anyway?? have just pressed it and it did nowt?

when you compose a message to send, you press alt+s to send it, its a shortcut if you look under the message box. now i have to slide me arrow to scroll the page down to send

Just press TAB then Return... :-?

[TheBoy]

This has kept me busy today!

The beeb, as normal, have blown it all out of proportion from what little I can glean.

Been on the blower to Microsoft, they are unsure of the exact ramifications, and what the worse case is.  They seem unsure of what browsers are affected - we run IE6 on some of the Citrix servers I look after, and I wanted to know if they were vulnerable.  Additionally, not entirely sure if its an IE issue, a database dll issue, or blended vulnerability - MS are hinting at blended.  They are also unsure if non-IE browsers could be affected.  Sounds like they either do not yet fully understand the attack, or are unable to reliably repeat it to debug whats happening.

But at least they were more helpful that Firefox, who do not offer any proper support. So who knows.  At this stage, I am unable to work out if FF will do similar if feed the same page - probably depends on the XML decoder installed on the PC to be honest.


As always, not logging on to Windows as an Administrator will cure most of these type attacks, but many users consider administritive rights as some kind of penile extension, so I guess that falls on deaf ears.

Whatever browser is used, I would recommend disabling the dll thats used in the attack if you don't need it.

[TheBoy]

TheBoy is being unusually silent!!

Thats because rather than spreading rumours and half truths, some of us have been busy all day phoning the various vendors to try to find out more

[LJay]

TheBoy is being unusually silent!!

Thats because rather than spreading rumours and half truths, some of us have been busy all day phoning the various vendors to try to find out more

Oooh handbags at dawn!

[Jimbob]

TheBoy is being unusually silent!!

Thats because rather than spreading rumours and half truths, some of us have been busy all day phoning the various vendors to try to find out more

Sorry, no time for that...

 
PANIC!

[TheBoy]

TheBoy is being unusually silent!!

Thats because rather than spreading rumours and half truths, some of us have been busy all day phoning the various vendors to try to find out more

Sorry, no time for that...

 
PANIC!

Mind you, it highlighted the fact one of our Citrix servers was running IE5