OT: IE flawed? NO!, you don't say, important security info |
|
Porsche, and the Porsche crest are registered trademarks of Dr. Ing. h.c. F. Porsche AG.
This site is not affiliated with Porsche in any way. Its only purpose is to provide an online forum for car enthusiasts. All other trademarks are property of their respective owners. |
|
OT: IE flawed? NO!, you don't say, important security info |
tat2dphreak |
Jul 2 2004, 09:49 AM
Post
#1
|
stoya, stoya, stoya Group: Benefactors Posts: 8,797 Joined: 6-June 03 From: Wylie, TX Member No.: 792 Region Association: Southwest Region |
http://www.internetnews.com/security/artic...cle.php/3374931
I switched over to firefox and changed all my passwords... damn M$ !!! |
ArtechnikA |
Jul 2 2004, 09:55 AM
Post
#2
|
rich herzog Group: Members Posts: 7,390 Joined: 4-April 03 From: Salted Roads, PA Member No.: 513 Region Association: None |
i switched all the computers behind my firewall to Mozilla 1,7 last Friday...
ArtechnikA.com is NOT running on an IIS server. |
WoMBaT |
Jul 2 2004, 12:51 PM
Post
#3
|
Member Group: Members Posts: 69 Joined: 29-June 04 From: Fort Riley, Kansas Member No.: 2,272 |
Just switched to FireFox 0.9.1..already like it better than IE! Fun themes and tabbed browsing are worth the switch alone...never mind it isn't succeptable to the security breaches like the vole's IE.
-Dan |
dinomium |
Jul 2 2004, 12:56 PM
Post
#4
|
Git on a chair son, all the good stuff is goin over yer head! Group: Benefactors Posts: 2,777 Joined: 2-January 03 From: Bremerton, WA Member No.: 74 Region Association: Pacific Northwest |
Too bad this latest hack is a JAVA flaw. sooooo it is really an infrastructure of the web issue, not just Microsoft...
|
Gint |
Jul 2 2004, 04:36 PM
Post
#5
|
Mike Ginter Group: Admin Posts: 16,095 Joined: 26-December 02 From: Denver CO. Member No.: 20 Region Association: Rocky Mountains |
QUOTE Too bad this latest hack is a JAVA flaw. sooooo it is really an infrastructure of the web issue, not just Microsoft... Did I miss something? I don't see any mention of this being a Java flaw. |
Part Pricer |
Jul 2 2004, 04:53 PM
Post
#6
|
Believe everything I post Group: Benefactors Posts: 1,825 Joined: 28-December 02 From: Danbury, CT Member No.: 35 |
You didn't miss anything. It's not a Java flaw, it is a security hole in IE. The confusion is that some unscrupulous individual(s) used JavaScript (not Java) as part of their exploit to compromise IE.
|
Gint |
Jul 2 2004, 04:58 PM
Post
#7
|
Mike Ginter Group: Admin Posts: 16,095 Joined: 26-December 02 From: Denver CO. Member No.: 20 Region Association: Rocky Mountains |
And apparently, it's JavaScript running on an IIS server that exploits and infects users visiting the site with IE. So while it may be JavaScript code, it specifically exploits IIS (MS product) and IE (MS product).
Did I get all of this straight? Lotta techie reading for Friday evening. |
SirAndy |
Jul 2 2004, 05:04 PM
Post
#8
|
Resident German Group: Admin Posts: 41,945 Joined: 21-January 03 From: Oakland, Kalifornia Member No.: 179 Region Association: Northern California |
QUOTE(Gint @ Jul 2 2004, 03:58 PM) Did I get all of this straight? Lotta techie reading for Friday eveining. no. it's not JavaScript running on a IIS server, that would be server side javascript, which is different (IMG:style_emoticons/default/wink.gif) this needs to hack into a server first, then alter your web-pages to include a additional JavaScript footer that automatically downloads a executeable from a server in russia which in turn is executed (and installed) by your local IE ... this program then scans your machine and every time you type in a username and password on a webpage (think online-banking) it'll record your login and send it back to the server in russia ... all of that without you even knowing. pretty clever, eh? (IMG:style_emoticons/default/wink.gif) Andy |
Gint |
Jul 2 2004, 06:00 PM
Post
#9
|
Mike Ginter Group: Admin Posts: 16,095 Joined: 26-December 02 From: Denver CO. Member No.: 20 Region Association: Rocky Mountains |
This is what I read (seems to support what you're saying Andy):
QUOTE http://www.internetnews.com/security/artic...cle.php/3373581 "The attacker uploaded a small file with JavaScript to infected Web sites, and altered the web server configuration to append the script to all files served by the web server," the center alert warned. If a user visited an infected site, the JavaScript delivered by the site would instruct the user's browser to download an executable from a Russian Web site and install it, the alert added. "These Trojan horse programs include keystroke loggers, proxy servers and other back doors providing full access to the infected system." The center believes the attack is the work of a sophisticated international spam ring. |
morgan |
Jul 2 2004, 07:20 PM
Post
#10
|
Member Group: Members Posts: 310 Joined: 28-March 03 From: milwaukee WI Member No.: 488 |
I run a Mac dont know these things!!!! (IMG:style_emoticons/default/confused24.gif)
|
SirAndy |
Jul 2 2004, 08:12 PM
Post
#11
|
Resident German Group: Admin Posts: 41,945 Joined: 21-January 03 From: Oakland, Kalifornia Member No.: 179 Region Association: Northern California |
QUOTE(morgan @ Jul 2 2004, 06:20 PM) I run a Mac dont know these things!!!! (IMG:style_emoticons/default/confused24.gif) owning a MAC does not automatically protect you from viruses etc. in general. in fact, one of the first computer viruses ever was for the AppleII !!! the kids focus more on the PC simply because it's the much more common platform which means more exposure for their creative ventures into exploitive computer programming ... (IMG:style_emoticons/default/wink.gif) Andy |
Andyrew |
Jul 2 2004, 10:45 PM
Post
#12
|
Spooling.... Please wait Group: Members Posts: 13,377 Joined: 20-January 03 From: Riverbank, Ca Member No.: 172 Region Association: Northern California |
QUOTE the kids focus more on the PC simply because it's the much more common platform which means more exposure for their creative ventures into exploitive computer programming ... You know what, they should all focus on macs, because then we could get rid of all those worthless pieces of junk... Hmm I think I'll write a virous! It will require you to save everything on floppy or cd, and then it will erase your hard drive and magnetically swipe the pc's motherboard! MUAHAHAHAHAHAHAHAHHAHAHAHHAHAH wait, why are there red lights outside? (IMG:style_emoticons/default/wink.gif) (jk of course..) |
skline |
Jul 2 2004, 10:53 PM
Post
#13
|
Born to Drive Group: Members Posts: 7,910 Joined: 26-December 02 From: Costa Mesa, CA Member No.: 17 Region Association: Southern California |
Why do you think Macs are a POS? I have one I use in the house for graphics and video, the thing is awesome. Its a no worry machine, it always runs. If I had to rely on Macs to make my living, I would be broke. I would never get service calls. The PC's however, make me some pretty good money. Pays for my car.
|
Andyrew |
Jul 2 2004, 10:58 PM
Post
#14
|
Spooling.... Please wait Group: Members Posts: 13,377 Joined: 20-January 03 From: Riverbank, Ca Member No.: 172 Region Association: Northern California |
Well, Macs take the fun out of a pc.. A pc you can get inside of.. Macs.. well. Lets just put it this way.. I had to take a test to show that I was efficient in computers so I wouldnt have to take a class. They had macs, and.. I had no stinkin clue. I Tried to look in the hard drive.. couldnt find the darn thing.. I had no clue how to select something with one stinkin mouse button.. I just hated it.
I hate the layout.. just how they run basically. Andrew |
SirAndy |
Jul 2 2004, 11:25 PM
Post
#15
|
Resident German Group: Admin Posts: 41,945 Joined: 21-January 03 From: Oakland, Kalifornia Member No.: 179 Region Association: Northern California |
QUOTE(Andyrew @ Jul 2 2004, 09:58 PM) A pc you can get inside of.. that much i agree with. i actually did some machine language programming on the mac way back when, hacking my way through the OS (without ANY documentation) ... the PC is a much better platform for developers and geeks like me because it is much more *transparent* ... having said that, i have worked with macs for years in the graphics industry (started with photoshop 1.0 on a MAC II) did a lot of pre-press work. the mac was the shit for that kind of stuff back then. then, i got into game development. PC's rule. i can still whip out a little assembly exe with the command line assembler (called DEBUG, still comes with each windows) in a few minutes. nothing like talking the CPU's language! oh, i also used to program device drivers in machine language for unix systems. and did i mention i redid the complete OS for the C64, shrunk it into half and used the free space for a ROM based compiler/decompiler? burned the thing on a ROM and used it to hack games. fun times. bottomline, i like working with computers. ANY computer. they all have their place and use ... (IMG:style_emoticons/default/smile.gif) Andy |
morgan |
Jul 3 2004, 09:17 AM
Post
#16
|
Member Group: Members Posts: 310 Joined: 28-March 03 From: milwaukee WI Member No.: 488 |
I have both, just like the Mac because there is no MS
John |
Rusty |
Jul 4 2004, 04:21 AM
Post
#17
|
Wanted: Engine case GA003709 Group: Admin Posts: 7,952 Joined: 24-December 02 From: North Alabama Member No.: 6 Region Association: Galt's Gulch |
Geez... I had no idea that Mozilla was Netscrape in disguise. Get this piece of crap off my system!!! ARRGGGGGGH!! (IMG:style_emoticons/default/mad.gif)
-Rusty (IMG:style_emoticons/default/smoke.gif) |
Part Pricer |
Jul 9 2004, 06:28 AM
Post
#18
|
Believe everything I post Group: Benefactors Posts: 1,825 Joined: 28-December 02 From: Danbury, CT Member No.: 35 |
I know that I recommended that you look at using a different browser than IE. Now, to show you that you are never safe and must always be vigilant.
QUOTE A popular browser for Windows is subject to a security hole that creates a means for hackers to run malicious code on vulnerable machines. But this time, the vulnerability involves Mozilla and Firefox browsers - not Internet Explorer. Security researchers have discovered that users could be attacked by hackers using a bug in how Mozilla and Firefox handle the "shell:" function in windows. The function enables websites to invoke various programs associated with specific extensions. But flaws in Mozilla's implementation create a way for a skilled hacker to execute arbitrary code on vulnerable Windows machines. Information on the bug was posted onto a full disclosure security mailing list earlier this week. The flaw affects Mozilla and Firefox on Windows XP or Windows 2000 only. The Mozilla Foundation yesterday issued a patch that resolves the flaw by disabling the use of the shell: external protocol handler. Alternatively users are advised are advised to update their systems to the latest version of Mozilla (1.7.1), Firefox (0.9.2). Users of Thunderbird, Mozilla's next generation e-mail client, also need to upgrade to version 0.7.2 of the software. Firefox is a preview of Mozilla's next generation browser. Thunderbird is Mozilla's email client. Security firm Secunia rates the problem as "moderately critical". So it’s less serious than still unresolved issues bedevilling IE but still unwelcome to Windows users defecting from IE for security reasons. Secunia notes that multiple exploits in Internet Explorer also utilise "shell:" functionality. "The shell: URI handler is inherently insecure and should only be accessed from a few trusted sites - or not from a browser at all," it says. Here is the link to the update instructions and the downloads: http://mozilla.org/security/shell.html |
cnavarro |
Jul 9 2004, 07:14 AM
Post
#19
|
Cylinder Guru Group: Members Posts: 472 Joined: 30-December 02 From: Chicagoland! Member No.: 49 Region Association: None |
My Macintosh 128k (circa 1985) got a trojan horse that wiped out the motherboard on early models and the only resolution was to buy a new motherboard. If i'm not mistaken, that was one of the first viruses, eons before the thought had even occurred to have a virus scanner.
Charles Navarro LN Engineering http://www.LNengineering.com Aircooled Precision Performance |
newdeal2 |
Jul 9 2004, 07:20 AM
Post
#20
|
Unregistered |
If I have anti virus how important is adding a firewall?
Peter |
Lo-Fi Version | Time is now: 26th December 2024 - 09:18 PM |
All rights reserved 914World.com © since 2002 |
914World.com is the fastest growing online 914 community! We have it all, classifieds, events, forums, vendors, parts, autocross, racing, technical articles, events calendar, newsletter, restoration, gallery, archives, history and more for your Porsche 914 ... |