Internet Explorer users : Warning from MS

[airboatr]

Just heard on the tube that Microsoft has issued a warning to Internet Explorer * users.
A security breach has been found risking users to hackers. Microsoft has issued a temporary Fix





























DON"T USE IT!

revel in that you firefox users...
http://blogs.zdnet.com/hardware/?p=3189

[ianhind]

Going to the home page of that link, I see that Firefox was also updated yesterday to fix some security problems.

So if you don't have automatic updates on, manually upgrade to Firefox 3.05.

[TSR2]

Interesting that Mozzilla have "...has released a scheduled update for its open source Firefox web browsers for at least 10 different vulnerabilities."... "The bugs in the browser could have been used to run attacker code and install software, requiring no user interaction beyond normal browsing, said Mozilla"

Now I'm not a gambling man, but I wouldn't suggest that makes Firefox anymore secure than IE. And to give M$ credit, the patch was available within 24Hrs.

If anything we should all be very careful about where we go browsing. ;-)

[Techy111]

Well that cuts my time on the net to about a minute a day if i have to be careful Ben.....

Tony

[forthbridge]

Well, I have both on my system (FF and IE) and I *prefer* IE, specifically when looking at pictures, where it avoids the slow scrolling of FF. I don't really browse sites that I haven't already, so they (should) be pretty safe..... and If the loons were as targeted to Firefox instead of IE the 'tables' would quickly turn I'm sure.

Why don't all monitors come with an airbag-style device registered to an IP, which contains a powerful spring, and a 1920s boxing glove filled with concreted and an old shire-horseshoe? that way, any malicious action would result in the glove being deployed at full force into the face of the morons who have nothing better to do than create trouble!!!!

[ianhind]

Now I'm not a gambling man, but I wouldn't suggest that makes Firefox anymore secure than IE. And to give M$ credit, the patch was available within 24Hrs.

But Microsoft would not normally rush out a fix, preferring to wait for a scheduled patch release. So this must be serious.

Firefox seems to be more likely to fix things on an ongoing basis so hopefully it is more up to date

Quite where Google Chrome fits in with respect to vulnerabilities seems to be an unknown.

[TSR2]

Firefox seems to be more likely to fix things on an ongoing basis so hopefully it is more up to date

Thats a strange statement mate. MS patches things on an on going basis every month. I'm all for dishing out stick where its due, but alot of this sounds like M$ baiting... again.

Both browsers have various vunerabilities and both get patch as part of a proactive maintenance schedule (usually monthly). It should also be pointed out that these vunerabilities are exploited via websites which have been hacked. There is a huge emphasis on the end user patching their browsers, but more emphasis should be put on shoddy websites which are easily exploited to allow these dangerous programs to be hosted, its simply the old "prevention is better than cure"

Additionally, modern exploits of this nature (although not this particular one)will affect all browsers and OS's as there is a massive movement towards coding everything in the bloatware that is Java. Java will run on anything Mac, Linux and Windows, so websites that have a Java exploit would not deceminate between OS. We all have to be much more sensable about our browsing.

[ianhind]

Ben

Not MS baiting - it just didn't come out as I intended. As you say, MS usually release patches on a fixed schedule whereas the release of FF patches can be any time and not just waiting for a schedule. Whether that allows release sooner is what I meant.

And do you mean Java or Javascript? I thought Java was supposed to be locked down as a VM to avoid problems.

Javascript is a potential problem which is why I have NoScript in Firefox - it only allows through Javascript when I say so and hence I rarely see the pop ups and other messages that have alarmed others in the past. Mind you it plays havoc with some online shops if I forget to allow the payment page through .

Ian