[Vision2020] Major flaw revealed in Internet Explorer; users urged to switch

Kenneth Marcy kmmos1 at verizon.net
Tue Dec 16 19:19:48 PST 2008


Major flaw revealed in Internet Explorer; users urged to switch

Tue Dec 16, 2008 11:49AM EST

Here's the link to the article:
http://tech.yahoo.com/blogs/null/111811

Here's the link to the discussion page:
http://buzz.yahoo.com/article/1:y_tech:e10b28ebd5ae33777e8dac9f065278e7

The major press outlets are abuzz this morning with news of a major new 
security flaw that affects all versions of Internet Explorer from IE5 to the 
latest beta of IE8. The attack has serious and far-reaching ramifications -- 
and they're not just theoretical attacks. In fact, the flaw is already in 
wide use as a tool to steal online game passwords, with some 10,000 websites 
infected with the code needed to take advantage of the hole in IE.

Virtually all security experts (as well as myself) are counseling users to 
switch to any other web browser -- none of the others are affected, including 
Firefox, Chrome, and Opera -- at least for the time being, though Microsoft 
has stubbornly said it "cannot recommend people switch due to this one flaw." 
Microsoft adds that it is working on a fix but has offered no ETA on when 
that might happen. Meanwhile it offers some suggestions for a temporary 
patch, including setting your Internet security zone settings to "high" and 
offering some complicated workarounds. (Some reports state, however, that the 
fixes do not actually work.)

Expedient patching or switching are essential. Security pros fear that the 
attack will soon spread beyond the theft of gaming passwords and into more 
criminal arenas, as the malicious code can be placed on any website and can 
be adapted to steal any password stored or entered using the browser. It's 
now down to the issue of time: Will Microsoft repair the problem and 
distribute a patch quickly enough to head off the tsunami of fraud that's 
about to hit or will it come too late to do any good?

Meanwhile, I'll reiterate my recommendation: Switch from Internet Explorer as 
soon as you can. You can always switch back once the threat is eliminated.

Links for other browsers to try: Firefox Chrome Safari Opera 

Firefox: http://www.mozilla.com/en-US/firefox/

Chrome: http://www.google.com/chrome

Safari: http://www.apple.com/safari/

Opera: http://www.opera.com/


Ken



More information about the Vision2020 mailing list