8 replies to this topic

[Secured Tim]

A critical vulnerability has been found in all the versions of Internet Explorer, including IE9 on Windows XP SP3, Vista, and Windows 7, and users can be infected simply by visiting a malicious website. The attack uses a specially-crafted Flash animation to drop a malware kit known as Poison Ivy on the target machine - as Ars Technica notes, it appears to be the work of the same gang responsible for exploiting a zero-day vulnerability in Java last month.

Microsoft has issued an official advisory note acknowledging the problem and advising users to download its existing Enhanced Mitigation Experience Toolkit (EMET) to reduce the risk, but has not released a dedicated patch.

Germany's Federal Office for Information Security advising users to switch to browsers other than Internet Explorer until the problem is fixed, the vulnerability is likely to have an effect on the browser's short-term market share, and its ongoing battle with Google's Chrome.

Source: Reuters

[KamZay]

Already using Chrome.

[celeron]

Funny thing.. IE9 is not support on windows XP..

[maac]

Wasn't the bug found on IE7, 8 and 9? Cause the German news were going crazy over this.

Edited by maac, 19 September 2012 - 09:45 PM.

[_akier_]

Who uses the stock browser included in windows?

I never use IE and never will.

[netbox]

I use IE9 on Win7 and IE10 on Win8 to test my blog if any of my layout changes and how it looks on IE; same goes for Google Chrome;
other than that, I use Firefox as my main and default browser both Windows 7 and Windows 8

I dont worry too much with this kind of exploits because as I said above....

[pataoengineer]

Don't care the vulnerable holes and patches.

Just install Chrome and use it. That's all.

[orcus]

If it uses a Flash animation to install the malware, will not having Flash installed prevent the attack?

http://www.pcworld.c...t-explorer.html

http://technet.micro...lletin/ms12-063