PSA: Microsoft issuing emergency browser fix...

Zim Hosein

Super Moderator | Elite Member
Super Moderator
Nov 27, 1999
65,137
399
126
Microsoft has released a security update to address a major security flaw in Internet Explorer.

Security Update for Internet Explorer for Windows XP (KB960714)

Download the version for your machine, here.

This one's serious. Share the info with your friends.

Updated and stickied with link goodness to the fix.

---

REDMOND, Wash. - Microsoft Corp. is taking the unusual step of issuing an emergency fix for a security hole in its Internet Explorer software that has exposed millions of users to having their computers taken over by hackers.

The "zero-day" vulnerability, which came to light last week, allows criminals to take over victims' machines simply by steering them to infected Web sites; users don't have to download anything for their computers to get infected, which makes the flaw in Internet Explorer's programming code so dangerous. Internet Explorer is the world's most widely used Web browser.

Microsoft said it plans to ship a security update, rated "critical," for the browser on Wednesday. People with the Windows Update feature activated on their computers will get the patch automatically.

Thousands of Web sites already have been compromised by criminals looking to exploit the flaw. The bad guys have loaded malicious code onto those sites that automatically infect visitors' machines if they're using Internet Explorer and haven't employed a complicated series of workarounds that Microsoft has suggested.


Microsoft said it has seen attacks targeting the flaw only in Internet Explorer 7, the most widely used version, but has cautioned that all other current editions of the browser are vulnerable.

Microsoft rarely issues security fixes for its software outside of its regular monthly updates. The company last did it in October, and a year and half before that.

Microsoft issuing emergency browser fix.

Just a PSA to those members that do not visit the other forums of AT. :)
 

spidey07

No Lifer
Aug 4, 2000
65,469
5
76
Yeah, it's pretty fargin' serious.

*cue folks that say AV/firewall/et. al. and you're fine* No, you don't quite get it.

I think ModelWorks posted something similar today. I like how they put "zero-day" in quotes like is something new or needed to be quoted.
 

Exterous

Super Moderator
Jun 20, 2006
20,535
3,675
126
Didn't you know? Putting "quotation quotes" around something is the "new" way to "emphasize" "important " words
 

Descartes

Lifer
Oct 10, 1999
13,968
2
0
Are you two being serious? It's in quotes because the context isn't known to the reader. How many people have a clue as to what zero-day means?
 
Feb 24, 2001
14,513
4
81
Originally posted by: Descartes
Are you two being serious? It's in quotes because the context isn't known to the reader. How many people have a clue as to what zero-day means?

Zero-Day is where the German's dropped the atomic bomb on Pearl Harbor right?

And thanks for the heads-up, will make sure the workstations at work are updated.
 

spidey07

No Lifer
Aug 4, 2000
65,469
5
76
Originally posted by: Descartes
Are you two being serious? It's in quotes because the context isn't known to the reader. How many people have a clue as to what zero-day means?

My bad, I thought the link was for a technology audience. Use of quotes appropriate for it's intended audience.
 

lokiju

Lifer
May 29, 2003
18,526
5
0
Thanks for the heads up, I'll be sure to push the fix out to everyone first thing tomorrow.
 

Zim Hosein

Super Moderator | Elite Member
Super Moderator
Nov 27, 1999
65,137
399
126
Originally posted by: lokiju
Thanks for the heads up, I'll be sure to push the fix out to everyone first thing tomorrow.

NP lokiju, glad I could help! :beer:
 

Blayze

Diamond Member
Feb 22, 2000
6,152
0
0
Thanks for the info.

This is only affecting IE right now, or is Firefox, etc... vulnerable?
 

irishScott

Lifer
Oct 10, 2006
21,562
3
0
*Yawn* Being safe on the internet is a lot like being safe while walking through a big city at night. Just avoid the dark allys and be alert, chances are you'll be fine. Unless the hackers infect some large-scale site, I fail to see how this is an emergency. Sure it's a serious issue and needs to be patched, but nothing pant-shit worthy.
 

Red Squirrel

No Lifer
May 24, 2003
69,311
13,047
126
www.anyf.ca
So who are these "criminals"? People from jail accessing your pc? :p lol

Another reason to use another browser. (yes firefox can and has exploits but they tend to be less plentiful and less dangerous)
 

spidey07

No Lifer
Aug 4, 2000
65,469
5
76
Originally posted by: irishScott
*Yawn* Being safe on the internet is a lot like being safe while walking through a big city at night. Just avoid the dark allys and be alert, chances are you'll be fine. Unless the hackers infect some large-scale site, I fail to see how this is an emergency. Sure it's a serious issue and needs to be patched, but nothing pant-shit worthy.

*ahem*
Did you know that your browser makes many connections and calls to many different sites from the URL you initially typed into your browser?

 

Zim Hosein

Super Moderator | Elite Member
Super Moderator
Nov 27, 1999
65,137
399
126
Originally posted by: Blayze
Thanks for the info.

This is only affecting IE right now, or is Firefox, etc... vulnerable?

From my "limited" understanding, the issue only affects IE Blayze; If I am wrong, feel free to jump in and correct me for all that read this thread! :)
 

Skeeedunt

Platinum Member
Oct 7, 2005
2,777
3
76
Originally posted by: irishScott
*Yawn* Being safe on the internet is a lot like being safe while walking through a big city at night. Just avoid the dark allys and be alert, chances are you'll be fine. Unless the hackers infect some large-scale site, I fail to see how this is an emergency. Sure it's a serious issue and needs to be patched, but nothing pant-shit worthy.

The difference is that a dark alley is just a click away. You research the validity of every domain before you visit it? Never just click a random link someone posts here? That's all it takes for a drive-by attack like this.

I agree that common sense will take you a long way, but I don't think vulnerabilities like this should be underestimated.
 

irishScott

Lifer
Oct 10, 2006
21,562
3
0
Originally posted by: spidey07
Originally posted by: irishScott
*Yawn* Being safe on the internet is a lot like being safe while walking through a big city at night. Just avoid the dark allys and be alert, chances are you'll be fine. Unless the hackers infect some large-scale site, I fail to see how this is an emergency. Sure it's a serious issue and needs to be patched, but nothing pant-shit worthy.

*ahem*
Did you know that your browser makes many connections and calls to many different sites from the URL you initially typed into your browser?

Yes. Like I said, "large scale site". If they infect doubleclick.net or something I'll get concerned. For others anyway.

<------Doesn't use IE
 

Baked

Lifer
Dec 28, 2004
36,052
17
81
Just installed it for both XP and Vista. I got the auto update thing going on.
 

SparkyJJO

Lifer
May 16, 2002
13,357
7
81
It is in my critical update list but I haven't gotten around to it. I don't use IE7 anyway so I'm not in a rush.
 

Zee

Diamond Member
Nov 27, 1999
5,171
3
76
big deal. you should sticky this forever and change the post to generic. MS releases fixes all the time. and there are vulnerabilities all the time especially with javascript and activex enabled
 

her209

No Lifer
Oct 11, 2000
56,336
11
0
Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
 

Ika

Lifer
Mar 22, 2006
14,264
3
81
Originally posted by: RedSquirrel
So who are these "criminals"? People from jail accessing your pc? :p lol

Another reason to use another browser. (yes firefox can and has exploits but they tend to be less plentiful and less dangerous)

eThugs, maybe?
 

ultimatebob

Lifer
Jul 1, 2001
25,134
2,449
126
Wait... People still use Internet Explorer around here? I thought that almost everyone uses Firefox,Safari,Opera, or Chrome now.