DrJBHL DrJBHL

MS Security Advisory on IE Exploit Update 1

MS Security Advisory on IE Exploit Update 1

from JoeUser Forums

 

A weekend blog post from MS about this. Not common at all.

This exploit would allow remote code execution if one visits an affected website, after browser compromise through email or even IM.

IE 10 and 11 are protected from this if they have “Enhanced Protection Mode” turned on. You are also protected if you have EMET 4.1 or 5.0 Tech Preview installed.

“Microsoft says that PC owners should always enable their personal firewall, make sure to have all of the latest software updates for their programs, and have all the most recent anti-virus and anti-malware definitions.

Finally, Microsoft said, " ... we encourage everyone to exercise caution when visiting websites and avoid clicking suspicious links, or opening email messages from unfamiliar senders." The blog did not have any information on when Microsoft will release a patch that will close this latest IE exploit.” – Neowin

 

Update 1:


MS has confirmed the security hole and workarounds - read more here:

http://www.neowin.net/news/microsoft-confirms-workarounds-for-internet-explorers-major-vulnerability


Source:

http://www.neowin.net/news/microsoft-issues-security-advisory-for-internet-explorer-exploit

105,188 views 50 replies
Reply #26 from WinCustomize Forums Top

Quoting Philly0381, reply 22

I'm from the mindset that unfortunately folks tend to forget applying common sense to the use of computers and usually wind up reacting instead of acting.  We will all come up with our own opinions on IT Threats, the key is not losing our wits over them.  I think of it as much like taking a walk around the block you in live on, each time you go out you can and more than likely come across different things you should avoid, the occasional unleashed dog, the person at the corner with their hands in their pocket, etc.  You don't stop taking your walk, you just apply common sense.     
End of Philly0381's quote

ObjectDock - Access shortcuts and frequently used applications from an animated dock.
Reply #28 from WinCustomize Forums Top

Quoting DrJBHL, reply 27
confermed
End of DrJBHL's quote
;P

Reply #29 from WinCustomize Forums Top

Doc, any thoughts on the first comment on the link you show, what about Firefox and Chrome?  :-"

Reply #30 from WinCustomize Forums Top

Quoting RedneckDude, reply 28


Quoting DrJBHL, reply 27confermed? 
End of RedneckDude's quote

Despite trying to disguise yourself as Jafo, the sheep standing next to you is a dead give away, Jim.

 

 

Quoting Philly0381, reply 29

Doc, any thoughts on the first comment on the link you show, what about Firefox and Chrome? 
End of Philly0381's quote

As has been stated in multiple places, multiple times Philly, those browsers are not vulnerable to the malware currently allowing remote code execution through Internet Explorer. Chrome, FF and all the browsers based on them (WhiteHat Aviator, Comodo Chrome, IceDragon...)

Also, you might be interested in the article I just put up about WhiteHat Aviator.

Reply #31 from WinCustomize Forums Top

Quoting DrJBHL, reply 30


Quoting RedneckDude, reply 28

Quoting DrJBHL, reply 27confermed? 

Despite trying to disguise yourself as Jafo, the sheep standing next to you is a dead give away, Jim.

 

 


End of DrJBHL's quote

 

 

hehe

Reply #32 from WinCustomize Forums Top

Quoting DrJBHL, reply 30
Despite trying to disguise yourself as Jafo, the sheep standing next to you is a dead give away, Jim.
End of DrJBHL's quote

 

 

 

 

 

 

 

 

 

 

Reply #34 from WinCustomize Forums Top

Wiz...as you know, the OP related only to a certain defect and exploit in IE.

Other browsers have their weak points, but... WhiteHat Aviator is an especially strong one.

Reply #35 from WinCustomize Forums Top

 

Reply #36 from WinCustomize Forums Top

Quoting DrJBHL, reply 34
WhiteHat Aviator is an especially strong one
End of DrJBHL's quote
It appears so. It at least takes some of the guesswork out of what extensions are best to enhance Chrome's security. 

Reply #37 from WinCustomize Forums Top

Which is a blessing...and it really does take active steps to prevent hacking as well as stripping urls. 

Better than regular Chrome. Also it's a fast sob.

Reply #38 from WinCustomize Forums Top

Isn't a big part of the problem is that IE is one of (if not the the number one) targeted browser for hackers? I think they rely/count on the majority of the uninformed to be using it for all their personal stuff ?

All the popular browsers have their own issues. I just know how hard it was getting my wife to switch to anything other than IE because it was just outside her comfort zone at the time. Now I am trying to get her to try Chrome and it's the same thing all over again.

I think hackers count on people new to computers and going on line to start and stick with IE and not know how to protect themselves until they've actually become victims of these exploits, etc.

Reply #39 from WinCustomize Forums Top

I just checked Windows Update and I had a Security Update for IE 10.  In looking at the description it would appear that this is an update for this threat.  Looks like MS decided to push the fix out quicker than stated.  :sun:

 

EDIT:  I found this on Major Geeks.  http://www.majorgeeks.com/news/story/microsoft_issues_patch_for_ieincludes_security_update_for_xp.html

 

Reply #40 from WinCustomize Forums Top

So XP get's a reprieve. Not too shabby. :thumbsup:

Reply #41 from WinCustomize Forums Top

Quoting Philly0381, reply 39
I found this on Major Geeks
End of Philly0381's quote

Ya thanks for mentioning that Philly.  That was nice of MS, I really hadn't expected it (and I can't expect another).

 

Reply #42 from WinCustomize Forums Top

Received a patch this morning KB2964358

 

Cheers

 

Macca

Reply #43 from WinCustomize Forums Top

Quoting PoSmedley, reply 38

Isn't a big part of the problem is that IE is one of (if not the the number one) targeted browser for hackers? I think they rely/count on the majority of the uninformed to be using it for all their personal stuff ?

All the popular browsers have their own issues. I just know how hard it was getting my wife to switch to anything other than IE because it was just outside her comfort zone at the time. Now I am trying to get her to try Chrome and it's the same thing all over again.

I think hackers count on people new to computers and going on line to start and stick with IE and not know how to protect themselves until they've actually become victims of these exploits, etc.
End of PoSmedley's quote

Yes...and it has a goodly sized market share of unsophisticated users.

 

Reply #44 from WinCustomize Forums Top

I suppose that the IE updates yesterday broke the emoticons in the forums? 

Reply #45 from WinCustomize Forums Top

Only one way to know for sure, Philly. Roll them back one at a time and check...

Reply #46 from WinCustomize Forums Top

Quoting Philly0381, reply 44

I suppose that the IE updates yesterday broke the emoticons in the forums? 
End of Philly0381's quote

I can see the emoticons now.   :thumbsup:

Reply #47 from WinCustomize Forums Top

Quoting Philly0381, reply 46


Quoting Philly0381, reply 44
I suppose that the IE updates yesterday broke the emoticons in the forums? 

I can see the emoticons now.  
End of Philly0381's quote

Pays to clean your glasses every so often, eh?  :grin:

Reply #48 from WinCustomize Forums Top

Quoting DrJBHL, reply 47
Pays to clean your glasses every so often, eh?
End of DrJBHL's quote

Glasses?!?!? Did somebody s-say g-g-glasses?

Reply #49 from WinCustomize Forums Top

I clean mine ever day. Still can't see s**t though. Maybe if I put them on...

Reply #50 from WinCustomize Forums Top

ooops....

Sorry, bro. Forgot.

:(