Zelaron Gaming Forum

Zelaron Gaming Forum (http://zelaron.com/forum/index.php)
-   General Discussion (http://zelaron.com/forum/forumdisplay.php?f=182)
-   -   Major IE Exploit Announced (http://zelaron.com/forum/showthread.php?t=31648)

D3V 2004-07-28 12:16 AM
Major IE Exploit Announced
 
As of July 27th, 2004, Microsoft announced a HUGE loophole in Internet Explorer. Apparently, there is a flaw in IE (all versions) that if a certain type of link is clicked, it can cause an .exe to download, and execute on the host computer.

This means, you could be surfing the web innocently, and click some ad that has an infected link. The link *might* open the new page, but in the background there will be a file downloading and executing.

I have heard that some anti-virus and firewall utilities have not yet released a patch to protect from this kind of worm. Also, please not: Microsoft HAS NOT released a service pack to fix this exploit. It is said that Microsoft will patch this hole, but that could take weeks.

There is a fix for this problem however. Use Mozilla or Firefox, or any browsers that linux have if your running a linux system. Whatever you do, do not use IE until this is patched.


You can get firefox and mozilla from this site: www.mozilla.org and you can check for the IE update here in the coming weeks, on Microsoft’s site:

http://www.microsoft.com/downloads/s...n&categoryid=6

I have been a long time user of mozilla, and I think its simply the best. But for anyone still using IE (any version) I highly suggest either not surfing the net like you usually do, (basically be more safe clicking links) or just download mozilla and use that.

-Spector- 2004-07-28 12:48 AM
YAY i will now go click every link on the internet ^_^

BlueCube 2004-07-28 05:33 AM
Is this the :// exploit? If so, this has been known for a long time, and it's just now being "discovered" by Microsoft.. oh boy.

NonGayMan 2004-07-28 05:39 AM
Whoever still uses Internet Explorer deserves to get it.
:haha:

Mozilla and Firefox pwn.

BlueCube 2004-07-28 05:47 AM
^^^^^^ Agreed.
 
Quote:
Originally Posted by NonGayMan
Whoever still uses Internet Explorer deserves to get it.
:haha:

Mozilla and Firefox pwn.
Agreed.... Unfortunately, IE comes with Windows so most people just use that.

KagomJack 2004-07-28 07:00 AM
I have to use IE Explorer at work. Gonna download it for work.

Vollstrecker 2004-07-28 07:02 AM
Quote:
Originally Posted by NonGayMan
Whoever still uses Internet Explorer deserves to get it.
:haha:

Mozilla and Firefox pwn.
-_-

I like the layout of IE better than Mozilla. Bite me.

NonGayMan 2004-07-28 07:38 AM
Quote:
Originally Posted by Vollstrecker
-_-

I like the layout of IE better than Mozilla. Bite me.
I'd take security over layout, man.

BlueCube 2004-07-28 07:41 AM
OH NOES IT LOOKS DIFFERENT MY STOP BUTTON IS A CIRCLE INSTEAD OF A RECTANGLE

You can add themes/customize the layout, you know.. and if you want to mess around with it even further (like hide menu items you never use) there's always good old userChrome.css to edit.

Penny_Bags 2004-07-28 07:49 AM
I don't use a monitor... you people are wierd.

But I use Opera.

Vollstrecker 2004-07-28 08:32 AM
Quote:
Originally Posted by NonGayMan
I'd take security over layout, man.
Meh, I've been using IE since 1.0, since I hated Nutscrape Navigator.

The security doesn't really bother me much, as I don't frequent many other sites other than Zelaron.

I doubt Yahoo! Mail, or Bank of America is about to pwn me.

Sovereign 2004-07-28 08:59 AM
Fool. Go download mozilla or opera. Hell at least use avant browser if you must stick with I.E.

Vollstrecker 2004-07-28 09:00 AM
Damn you young 'uns and yer fancy browsers!

Medieval Bob 2004-07-28 09:02 AM
So why is Firefox teh pwn?

Sovereign 2004-07-28 09:04 AM
Because it in no way is related to I.E.?

Medieval Bob 2004-07-28 09:07 AM
Nor is Opera or Netscape. That doesn't make them teh pwn.

Sovereign 2004-07-28 09:08 AM
In my book it does. But there are certain levels of pwn. There is pwn. Then pwn pwn, then pwn pwn pwn. Netscape is just Pwn because its not I.E. That deserves a pwn title by itself. Opera gets a pwn pwn because its not I.E. and kicks mmore ass then Netscape, imo. Mozilla is pwn pwn pwn because its godly

Vollstrecker 2004-07-28 09:09 AM
I have Mozilla. I'd rather use IE.

Medieval Bob 2004-07-28 09:10 AM
Knock off the nonsense. What makes it godly or, as you put it, pwn pwn pwn?

Sovereign 2004-07-28 09:10 AM
Then you deserve death. Heretic

BlueCube 2004-07-28 10:44 AM
  • HIGHLY customizable through the UI, and even moreso if you don't mind adding a line or two to a CSS file.
  • Security issues. You won't get your computer taken over because you went to visit a freaking website..
  • You can grab extensions to add little functions to the browser. If you don't use them, you don't add them. I like the All-In-One Mouse Gestures, myself. And if you have Firefox and aren't using AdBlock, then you aren't really using Firefox correctly and you should probably set your computer on fire.
  • Built-in popup blocker, which apparently is the best one out there because it's built into the browser's code.
  • It's actually being developed and bugs are being fixed, unlike IE which is horribly thrown together and is interlaced with the OS (which is a huge security issue). Heck, IE 6 still uses a Content.IE5 folder for some reason, which shows just how much effort they put into it.
  • It's standards-compliant. If a website is coded to proper standards (with all tags closed, etc.) then it should look exactly the same, no matter where it is being displayed. However, with IE, it decides that your coding isn't good enough sometimes and changes the display around. I'm also waiting for IE to catch up to CSS2 and to fix PNG issues, because currently it's too outdated to really handle anything remotely new. Another example of IE not doing what it's told - animated GIFs with a delay set to 0ms will be "fixed" by IE and set to 100ms or so.
  • No ActiveX means no spyware. There is only one known spyware that I know of, but it can't run automatically like it can through IE. And even if you do agree to install XXXToolbar, it still can't hijack Firefox - instead, it runs a script that hijacks Internet Explorer.
  • It's in beta, and it STILL crashes less than Internet Explorer. Good ol' IE.

iceman887 2004-07-28 10:49 AM
i've been using internet explorer forever, i thought most people did, what is mozilla anyways i always thought it was like some ad or something

Medieval Bob 2004-07-28 10:58 AM
www.mozilla.org

Even mozilla.com redirects you to it.

www.mozilla.net has an interesting black screen and a prompt... *weird music from Earthbound*

Hades-Knight 2004-07-28 01:20 PM
Opera > anything


BTW how would you go about hosting a trojan online and putting it on a link without ti showing the .exe? that'd be pwn!

kockblocker1 2004-07-28 01:26 PM
1 Attachment(s)
Wha?? IDK about you guys. I use the AOL browser that came with the AOL CD. I get tons of anouncements for great deals all the time. I don't even have to click on any links it just shows up right in front of my current window. It's great, 2 thumbs up from me.

BlueCube 2004-07-28 01:47 PM
You'd probably use the %01 exploit to hide the exe itself. Don't know why you would do such a thing however..

Check the %01 exploit in action (won't hurt your computer at all):

http://www.zapthedingbat.com/security/ex01/vun1.htm

This will only work on non-patched IE versions. Newer versions refuse to load anything at all.. not sure how recent the patch is, but then again I'm using SP2 RC2 for XP so I don't know if that's what prevents it from affecting me.


All times are GMT -6. The time now is 08:38 PM.

Powered by vBulletin® Version 3.8.2
Copyright ©2000 - 2025, Jelsoft Enterprises Ltd.
This site is best seen with your eyes open.