User Tag List

Thanks Thanks:  0
Likes Likes:  0
Dislikes Dislikes:  0
Results 1 to 3 of 3

Thread: Internet Explorer Compromised

  1. #1
    Premier Users
    Points: 108,657, Level: 100
    Level completed: 0%, Points required for next Level: 0
    Overall activity: 100.0%
    Achievements:
    OverdriveTagger First ClassThree FriendsCreated Blog entryVeteran100000 Experience Points
    Awards:
    Frequent Poster

    Internet Explorer Compromised


    AmericanThunder's Avatar
    Join Date
    Jan 2014
    Location
    Swindon, UK
    Posts
    9,235
    Points
    108,657
    Level
    100
    Total Contributions For

    AmericanThunder     £ 15.00
    Avg. Time Online
    1 Hour 17 Minutes 8 Seconds
    Blog Entries
    1
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    vBActivity - Stats
    Points
    20,228
    Level
    39
    vBActivity - Bars
    Lv. Percent
    99.19%

    Internet Explorer Compromised

    The U.S. Department of Homeland security is advising Americans not to use the Internet Explorer Web browser until a fix is found for a serious security flaw that came to light over the weekend.

    The bug was announced on Saturday by FireEye Research Labs, an Internet security software company based in Milpitas, Calif.

    "We are currently unaware of a practical solution to this problem," Will Dormann at the CERT division of the Software Engineering Institute at Carnegie Mellon University in Pittsburgh, wrote on Monday.

    It recommended that users and administrators "consider employing an alternative Web browser until an official update is available."

    The security flaw allows malicious hackers to get around security protections in the Windows operating system. They then can be infected when visiting a compromised website.

    Because the hack uses a corrupted Adobe Flash file to attack the victim's computer, users can avoid it by turning off Adobe Flash.

    "The attack will not work without Adobe Flash," FireEye said. "Disabling the Flash plugin within IE will prevent the exploit from functioning."

    While the bug affects all versions of Internet Explorer 6 through 11 it is currently targeting IE9 and IE10, FireEye stated.

    The attacks do not appear to be widespread at this time. Microsoft said it was "aware of limited, targeted attacks that attempt to exploit" the vulnerability.

    These are called "watering-hole attacks," said Satnam Narang, a threat researcher with computer security company Symantec in Mountain View, Calif.

    Rather than directly reach out to a victim, the hackers inject their code into a "normal, everyday website" that the victim visits, he said. Code hidden on the site then infects their computers.

    "It's called a watering-hole attack because if you're a lion, you go to the watering hole because you know that's where the animals go to drink."

    FireEye said the hackers exploiting the bug are calling their campaign "Operation Clandestine Fox."

    Microsoft confirmed Saturday that it is working to fix the code that allows Internet Explorer versions 6 through 11 to be exploited by the vulnerability. As of Monday morning, no fix had been posted.

    Microsoft typically releases security patches on the second Tuesday of each month, what's known as Patch Tuesday. The next one is Tuesday, May 14. Whether the company will release a patch for this vulnerability before that isn't known.

    About 55% of PC computers run one of those versions of Internet Explorer, according to the technology research firm NetMarketShare. About 25% run either IE9 or IE10.

    Computer users who are running the Windows XP operating system are out of luck. Microsoft discontinued support of the system on April 8.

    Symantec is offering XP users tools to protect themselves, which it has made available on its blog.

  2. #2
    Forum Admin
    Points: 7,342,646, Level: 100
    Level completed: 0%, Points required for next Level: 0
    Overall activity: 99.8%
    Achievements:
    Three FriendsVeteranCreated Album picturesCreated Blog entryOverdriveTagger First ClassYour first GroupRecommendation First Class

    Internet Explorer Compromised


    TransAmDan's Avatar
    Join Date
    Apr 1999
    Location
    Waterlooville, Hampshire
    Posts
    13,126
    Points
    7,342,646
    Level
    100
    Total Contributions For

    TransAmDan     £ 5.00
    Avg. Time Online
    2 Hours 32 Minutes 33 Seconds
    Blog Entries
    31
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    vBActivity - Stats
    Points
    108,138
    Level
    75
    vBActivity - Bars
    Lv. Percent
    71.29%
    Interesting stuff. I think anyone with experience doesn't use Microsoft products to browse the internet. However I guess there is a good percentage who do. Thanks for sharing the info. What happenes to the compromised machine? Can the hacker view files on the computer, or grab log in passwords from IE?

    My annoyance at the moment is blooming Java updates, people here click on update, and don't see the tick box that installs annoying tool bars clogging up their systems.

    2000 Trans-Am WS6 LS1 M6. (The Bat)
    Corsa Cat back, 3.5" dual tips. F.A.S.T LSX Intake / F.A.S.T Fuel rails, Dynatech LT Headers / Y-Pipe / No Cats, Wisper Lid, ported MAF, Racetronix 42lb/hr fuel injectors. Hypertech 160 stat. !AIR, !EGR. Walbro 255, SPEC Stage II Clutch / Flywheel. HPTuners 1BAR SD Tune. Wide Band gauge.
    389RWHP/380RWTQ ([477HP/460TQ]Flywheel) Dyno Dynamics

    More info and photos at:-
    http://www.solent-renegades.co.uk/co...-trans-am.html

  3. #3
    Premier Users
    Points: 108,657, Level: 100
    Level completed: 0%, Points required for next Level: 0
    Overall activity: 100.0%
    Achievements:
    OverdriveTagger First ClassThree FriendsCreated Blog entryVeteran100000 Experience Points
    Awards:
    Frequent Poster

    Internet Explorer Compromised


    AmericanThunder's Avatar
    Join Date
    Jan 2014
    Location
    Swindon, UK
    Posts
    9,235
    Points
    108,657
    Level
    100
    Total Contributions For

    AmericanThunder     £ 15.00
    Avg. Time Online
    1 Hour 17 Minutes 8 Seconds
    Blog Entries
    1
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    vBActivity - Stats
    Points
    20,228
    Level
    39
    vBActivity - Bars
    Lv. Percent
    99.19%
    Quote Originally Posted by TransAmDan View Post
    My annoyance at the moment is blooming Java updates, people here click on update, and don't see the tick box that installs annoying tool bars clogging up their systems.
    If you run Group Policy you can prevent the annoying toolbars being installed even if the user doesn't untick the box. Let me know if you need to know how.

    With regard to IE - "The security flaw allows malicious hackers to get around security protections in the Windows operating system. They then can be infected when visiting a compromised website.
    Because the hack uses a corrupted Adobe Flash file to attack the victim's computer, users can avoid it by turning off Adobe Flash.
    "The attack will not work without Adobe Flash," FireEye said. "Disabling the Flash plugin within IE will prevent the exploit from functioning.""

    I guess that makes a mockery of all those who wouldn't buy Apple iDevices becuase they couldn't use flash!

    But what is the alternative to IE?
    Google chrome? - not on my network or any of my home systems. Privacy is not something I am just going to give up!
    Firefox? - My choice on the home systems but I have also had too many instances of it losing preferences when updates are applied to make it a serious contender in the workplace.
    Opera? - Maybe, but again privacy (Opera caches the pages you load on a server before sending them to you - in the name of speed but who know what info they track from that?)

Similar Threads

  1. BMW i3 Super Bowl Ad Goes Back to Pre-Internet Times
    By RSS_Auto_Poster in forum American Car Manufacture news
    Replies: 0
    Last Post: 26-01-2015, 21:12
  2. Upgraded my internet speed. 150Mb/s
    By TransAmDan in forum Anything Else
    Replies: 2
    Last Post: 27-06-2014, 21:52
  3. 2015 Ford Explorer
    By RSS_Auto_Poster in forum American Car Manufacture news
    Replies: 0
    Last Post: 20-06-2014, 00:18
  4. Pandora Internet Radio Adds In-Car Advertising
    By RSS_Auto_Poster in forum American Car Manufacture news
    Replies: 0
    Last Post: 07-01-2014, 21:12
  5. Ford Explorer Sport Trac
    By RSS_Auto_Poster in forum American Car Manufacture news
    Replies: 1
    Last Post: 29-12-2013, 15:36

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •