Internet Explorer - Time to write it off?
It's hard to believe it, but IE is still plagued with security vulnerabilities. It affects all of Microsoft's operating systems from NT through Windows 7 as well as every version of IE, including IE 8. This information comes right on the heels of yet another patch from Microsoft who advised that the browser was now safe. But, we have learned that Internet Explorer is still far from safe.
THE HACK:
An attacker lures a victim into clicking on a malicious URL. Then, by manipulating 4 or 5 features in IE, the hacker forces the browser to process files that are not pure HTML on the computer
Jorge Luis Alvarez Medina, a security consultant at Core Security Technologies, will be explaining at the Washington Black Hat conference next month why Microsoft's IE is at still risk to not just one serious hole but rather a whole set of minor vulnerabilities that can be linked together to exploit remote access to your data .
The problem was actually discovered two years ago but has persisted despite several attempts by Microsoft to fix it. Since the issue involves features rather than vulnerabilities, it may be more difficult for Microsoft to ever permanently fix, Medina said. "Some of those features are kind of impossible to fix,"
Microsoft has not commented on the matter, But the answer is quite simple: Use Firefox, or Chrome or pretty much anything other than Internet Explorer right now. Especially when, according to respected British journalist Jack Schofield of The Guardian, Microsoft apparently knew about this IE vulnerability it just patched back in September 2009.
Microsoft will next release patches on Feb. 9.
Follow us onTwitter
THE HACK:
An attacker lures a victim into clicking on a malicious URL. Then, by manipulating 4 or 5 features in IE, the hacker forces the browser to process files that are not pure HTML on the computer
Jorge Luis Alvarez Medina, a security consultant at Core Security Technologies, will be explaining at the Washington Black Hat conference next month why Microsoft's IE is at still risk to not just one serious hole but rather a whole set of minor vulnerabilities that can be linked together to exploit remote access to your data .
The problem was actually discovered two years ago but has persisted despite several attempts by Microsoft to fix it. Since the issue involves features rather than vulnerabilities, it may be more difficult for Microsoft to ever permanently fix, Medina said. "Some of those features are kind of impossible to fix,"
Microsoft has not commented on the matter, But the answer is quite simple: Use Firefox, or Chrome or pretty much anything other than Internet Explorer right now. Especially when, according to respected British journalist Jack Schofield of The Guardian, Microsoft apparently knew about this IE vulnerability it just patched back in September 2009.
Microsoft will next release patches on Feb. 9.
Follow us onTwitter
Comments