Print 65 comment(s) - last by MrPoletski.. on Dec 23 at 9:12 AM

A new security flaw discovered in Microsoft's Internet Explorer has the company and its customers losing much sleep

News broke in the security world earlier this week that a critical vulnerability had been found in Microsoft's Internet Explorer 7.  The vulnerability could be used to take over computers and is known to be currently being used to steal passwords.

Rick Ferguson, a senior security adviser at security firm Trend Micro says thus far the hole has only been exploited to steal online game passwords, but the attacks could become much more serious for unpatched users.  He states, "It is inevitable that it will be adapted by criminals. It's just a question of modifying the payload the trojan installs."

The seriousness of the flaw was evidenced by Microsoft's rather public announcement of the vulnerability and panicked rush to develop a patch.  So-called "out-of-band" announcements from Microsoft are rare. 

In this case it made such an announcement, stating in a press release, "Microsoft teams worldwide have been working around the clock to develop a security update to help protect our customers.  Until the update is available, Microsoft strongly encourages customers to follow the Protect Your Computer Guidance at, which includes activating the Automatic Update setting in Windows to ensure that they receive the update as soon as it is available."

Microsoft has announced that it will have a patch for the vulnerability by 1800 GMT on 17 December, available via Windows Update.

Some experts have suggested that corporate and private users switch browsers, to an alternative such as Firefox, Opera, or Chrome until the security flaw is patched on affected systems.  Only Microsoft Internet Explorer 7 is vulnerable to this latest attack.

However, some security experts are cautioning that a switch may be equally problematic.  Says Graham Cluley, senior consultant with security firm Sophos, "Firefox has issued patches and Apple has too. Whichever browser you are using you have to keep it up to date.  People have to be prepared and willing to install security updates. That nagging screen asking if you want to update should not be ignored."

The report ironically follows fast on a report that Firefox is a dangerously vulnerable application for businesses.  Apple's Safari has also been blasted within the last year for poor security and patching

Even the security of major open source software, not a popular target for hackers who heavily use such software, was recently brought into question when a major encryption scheme was found to be broken.  All of these instances illustrating the growing challenge of computer security, the difficulty with being a market leader (and thus a mark), and need for diligence when it comes to patches and updates.

Comments     Threshold

This article is over a month old, voting and posting comments is disabled

RE: Bit late?
By afkrotch on 12/17/2008 1:08:43 PM , Rating: 3
I find DT trails behind other sites by a few hours to days, while they at the same time are ahead of other sites by a few hours to days.

RE: Bit late?
By headbox on 12/17/2008 1:19:54 PM , Rating: 5
It takes time to read other news sites, then copy paste sections to make your own story.

RE: Bit late?
By Dreifort on 12/17/2008 1:56:10 PM , Rating: 5
Yahoo posted this story yesterday ;)

But it's Internet Explorer. I mean...really. Is this even news worthy?

RE: Bit late?
By on 12/17/08, Rating: -1
RE: Bit late?
By TheSpaniard on 12/17/2008 5:06:07 PM , Rating: 2
really last I checked my computers were used for things like x-ray crystallography and other data crunching and mind numbing tasks

YOU use it as a toy then so be it

PS: god can we force him to change his name? it drives me nuts when PS3 is attached to everything that flys from this person's keyboard

RE: Bit late?
By kmmatney on 12/18/2008 12:29:51 AM , Rating: 3
Woohoo! Another X-ray crystallographer!

RE: Bit late?
By TheSpaniard on 12/18/2008 11:03:45 AM , Rating: 2
we are far and few between arent we?

PS: I only do crystallography as confirmation of ligand-protein binding the rest of my life is stuck somewhere between assays and SDS-PAGE gells

RE: Bit late?
By YouInspireMe on 12/19/2008 4:40:19 AM , Rating: 2
Spaniard, I am going to save you alot of typing. In the future you can just cut and paste this;

"I want you to believe that I am smarter than you. I don't respect your intellect and will go to great length to impress you with my vocabulary."

RE: Bit late?
By menace on 12/19/2008 10:41:13 AM , Rating: 2
So you run folding@home and leave your computer running all the time. That makes you superior to the rest of us wasting our valuable FLOPS having fun.

RE: Bit late?
By MrPoletski on 12/23/2008 9:12:32 AM , Rating: 2
The guys obviously a crack head. don't feed the troll and the troll will starve here so head off elsewhere.

RE: Bit late?
By notolerance on 12/17/2008 6:33:50 PM , Rating: 4
Huh?!! You done what to the dog?!?!

RE: Bit late?
By MrPoletski on 12/23/2008 9:10:45 AM , Rating: 2
I find DT trails behind other sites by a few hours to days, while they at the same time are ahead of other sites by a few hours to days.

The chief editor of Dailytech is clearly from Gallifrey.

Is he a Doctor?

"A politician stumbles over himself... Then they pick it out. They edit it. He runs the clip, and then he makes a funny face, and the whole audience has a Pavlovian response." -- Joe Scarborough on John Stewart over Jim Cramer

Most Popular ArticlesSmartphone Screen Protectors – What To Look For
September 21, 2016, 9:33 AM
UN Meeting to Tackle Antimicrobial Resistance
September 21, 2016, 9:52 AM
Walmart may get "Robot Shopping Carts?"
September 17, 2016, 6:01 AM
5 Cases for iPhone 7 and 7 iPhone Plus
September 18, 2016, 10:08 AM
Update: Problem-Free Galaxy Note7s CPSC Approved
September 22, 2016, 5:30 AM

Copyright 2016 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki