Dynaverse.net

Off Topic => Engineering => Topic started by: Bonk on December 16, 2008, 10:46:54 am

Title: Unpatched IE Vulnerability
Post by: Bonk on December 16, 2008, 10:46:54 am
This one looks pretty significant, judging by the general rumblings around the net.

http://www.microsoft.com/technet/security/advisory/961051.mspx

http://secunia.com/advisories/33089/
http://secunia.com/blog/38/

If you are an Internet Explorer user, I strongly recommend using an alternate browser such as Opera or Firefox until this is patched.
Title: Re: Unpatched IE Vulnerability
Post by: Pestalence_XC on December 16, 2008, 12:05:13 pm
The Vunerability shows for IE 5, 6 and 7 .. I noticed that IE 8 is not listed and I happen to be using IE 8.
Title: Re: Unpatched IE Vulnerability
Post by: Bonk on December 16, 2008, 12:57:48 pm
I'm not sure why Secunia does not list it in their report, but Microsoft does:

Microsoft Security Advisory (961051) (http://www.microsoft.com/technet/security/advisory/961051.mspx)

Check the following info to determine if you are affected:
Quote
Microsoft is continuing its investigation of public reports of attacks against a new vulnerability in Internet Explorer. Our investigation so far has shown that these attacks are only against Windows Internet Explorer 7 on supported editions of Windows XP Service Pack 2, Windows XP Service Pack 3, Windows Server 2003 Service Pack 1, Windows Server 2003 Service Pack 2, Windows Vista, Windows Vista Service Pack 1, and Windows Server 2008. Microsoft Internet Explorer 5.01 Service Pack 4, Microsoft Internet Explorer 6 Service Pack 1, Microsoft Internet Explorer 6, and Windows Internet Explorer 8 Beta 2 on all supported versions of Microsoft Windows are potentially vulnerable.

Title: Re: Unpatched IE Vulnerability
Post by: Bonk on December 17, 2008, 05:48:55 am
I hear there should be a patch out for this today.

And Guitar Hero Metallica will be out next year! Go Kirk!  :rwoot:  (radio news, sorry)
Title: Re: Unpatched IE Vulnerability
Post by: Javora on December 17, 2008, 03:58:14 pm
Microsoft has released a patch for IE today.  It can be found at Windows update.
Title: Re: Unpatched IE Vulnerability
Post by: toasty0 on December 22, 2008, 08:38:02 am
This one looks pretty significant, judging by the general rumblings around the net.

[url]http://www.microsoft.com/technet/security/advisory/961051.mspx[/url]

[url]http://secunia.com/advisories/33089/[/url]
[url]http://secunia.com/blog/38/[/url]

If you are an Internet Explorer user, I strongly recommend using an alternate browser such as Opera or Firefox until this is patched.


Fixed.