New IE Vulnerability

言語: JP EN DE FR
2010-06-21
New Items
users online
フォーラム » FFXIAH.com » News » New IE Vulnerability
New IE Vulnerability
First Page 2 3
 Fenrir.Scragg
Administrator
Offline
サーバ: Fenrir
Game: FFXI
user: Scragg
Posts: 2579
By Fenrir.Scragg 2010-01-19 14:04:50  
I've been logging many break-in attempts to FFXIAH and other hosted sites lately. Most of the IPs are coming from China and they are taking advantage of this latest IE vulnerability with embedded scripts.

http://secunia.com/advisories/38209/

According to the site it is currently unpatched and affects all version of IE.
Quote:
A vulnerability has been discovered in Microsoft Internet Explorer, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to a use-after-free error when handling events when the object firing the event is removed from the markup.

Successful exploitation allows execution of arbitrary code when a user e.g. views a malicious web page.

NOTE: This vulnerability is currently being actively exploited.

Take extra caution when surfing and use a Non-IE browser. Avast does detect at least a variation of the code. If you host a Vbulletin, wordpress, or phpbb, make sure they are up-to-date.
[+]
 Asura.Envious
Offline
サーバ: Asura
Game: FFXI
user: Stewie
Posts: 64
By Asura.Envious 2010-01-19 14:06:39  
Should get on the "block Chinese IPs" bandwagon. xD
 Asura.Ludoggy
Offline
サーバ: Asura
Game: FFXI
user: Ludog
Posts: 36553
By Asura.Ludoggy 2010-01-19 14:08:54  
Asura.Envious said:
Should get on the "block Chinese IPs" bandwagon. xD
Don't need to, they are doing a great job blocking themselves. =P
 Ifrit.Kungfuhustle
Offline
サーバ: Ifrit
Game: FFXI
Posts: 24692
By Ifrit.Kungfuhustle 2010-01-19 14:11:03  
The Great Firewall of China, Google is slowly chipping it away, and letting the freaks spill over the top.
 Hades.Stefanos
Offline
サーバ: Hades
Game: FFXI
user: Stefanos
Posts: 2647
By Hades.Stefanos 2010-01-19 14:15:56  
In before Dasva white knight's IE? (Just kidding.)
 Leviathan.Chaosx
Offline
サーバ: Leviathan
Game: FFXI
user: ChaosX128
Posts: 20284
By Leviathan.Chaosx 2010-01-19 14:16:59  
People still use IE?
 Ifrit.Kungfuhustle
Offline
サーバ: Ifrit
Game: FFXI
Posts: 24692
By Ifrit.Kungfuhustle 2010-01-19 14:17:40  
Leviathan.Chaosx said:
People still use IE?

unfortunately... yes, and they update it too.
 Fenrir.Scragg
Administrator
Offline
サーバ: Fenrir
Game: FFXI
user: Scragg
Posts: 2579
By Fenrir.Scragg 2010-01-19 14:27:00  
36% of ffxiah users use IE

22% use IE8
10% use IE7
4% use IE6
 Lakshmi.Antonios
Offline
サーバ: Lakshmi
Game: FFXI
user: jokstr
Posts: 493
By Lakshmi.Antonios 2010-01-19 14:27:56  
i use firefox n chrome
 Ragnarok.Anye
Offline
サーバ: Ragnarok
Game: FFXI
user: Anye
Posts: 5449
By Ragnarok.Anye 2010-01-19 14:33:05  
My school uses IE.... I wonder if I should warn them.... XD

Good thing I use Firefox Portable on my flash drive. :D

Scragg, does using Firefox or Chrome protect us by much? And are there any safety measures (besides not going to untrusted sites, of course) that we can take?
 Ramuh.Dasva
Offline
サーバ: Ramuh
Game: FFXI
user: dasva
Posts: 40469
By Ramuh.Dasva 2010-01-19 14:34:10  
Hades.Stefanos said:
In before Dasva white knight's IE? (Just kidding.)
Fine since you asked. If IE was so bad about this why is there a specific warning for something?

Also IE6... ewww. I don't think that even will display most the flash ads lol. Which kinda good and bad since I think it will have trouble viewing other stuff you want to
 Ifrit.Kungfuhustle
Offline
サーバ: Ifrit
Game: FFXI
Posts: 24692
By Ifrit.Kungfuhustle 2010-01-19 14:34:27  
the computers on campus have both, some also have Chrome.
 Ramuh.Lilbusta
Offline
サーバ: Ramuh
Game: FFXI
user: phatspade
Posts: 4580
By Ramuh.Lilbusta 2010-01-19 14:34:50  
Leviathan.Chaosx said:
People still use IE?

My work is one of them. Wonder if it's any site I'm on and not just this site.
 Ramuh.Dasva
Offline
サーバ: Ramuh
Game: FFXI
user: dasva
Posts: 40469
By Ramuh.Dasva 2010-01-19 14:35:08  
Ragnarok.Anye said:
And are there any safety measures (besides not going to untrusted sites, of course) that we can take?
I believe he mentioned Avast detects it... which really avast is good to use anyways
 Fenrir.Scragg
Administrator
Offline
サーバ: Fenrir
Game: FFXI
user: Scragg
Posts: 2579
By Fenrir.Scragg 2010-01-19 14:35:08  
What is interesting,

Japan favors IE over next popular browser(firefox) almost 3:1

USA favors Firefox over IE 2:1

this is according to ffxiah analytics
[+]
 Ifrit.Kungfuhustle
Offline
サーバ: Ifrit
Game: FFXI
Posts: 24692
By Ifrit.Kungfuhustle 2010-01-19 14:38:36  
well, Japan also likes to eat dogs....

Avast is great...

FF with the right plug-ins is great...

If you die without Christ, you're going to Wal-Mart...
[+]
 Asura.Kajima
Offline
サーバ: Asura
Game: FFXI
user: Kajima
Posts: 9
By Asura.Kajima 2010-01-19 14:46:37  
im laughing inside right now so hard...


IE is one big vulnerability, its initial design was to coincide with Explorer in Windows to allow remote desktop access, with some browser capabilities... we've seen how far that's come.

if you are still using IE you deserve to be vulnerable.
 Phoenix.Mikumaru
Offline
サーバ: Phoenix
Game: FFXI
user: Mikumaru
Posts: 382
By Phoenix.Mikumaru 2010-01-19 14:49:35  
Fenrir.Scragg said:
I've been logging many break-in attempts to FFXIAH and other hosted sites lately. Most of the IPs are coming from China and they are taking advantage of this latest IE vulnerability with embedded scripts. http://secunia.com/advisories/38209/ According to the site it is currently unpatched and affects all version of IE.
Quote:
A vulnerability has been discovered in Microsoft Internet Explorer, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a use-after-free error when handling events when the object firing the event is removed from the markup. Successful exploitation allows execution of arbitrary code when a user e.g. views a malicious web page. NOTE: This vulnerability is currently being actively exploited.
Take extra caution when surfing and use a Non-IE browser. Avast does detect at least a variation of the code. If you host a Vbulletin, wordpress, or phpbb, make sure they are up-to-date.
ok so like what does this mean to those of us who know nothing about coding , programing , or anything else remotely related to the complex nature of computers ? I mean i run Firefox on my personal PC but the mom'n'dad , werk and Brother/sister still use IE .
 Siren.Juilan
Offline
サーバ: Siren
Game: FFXI
user: Juilan
Posts: 14
By Siren.Juilan 2010-01-19 14:55:11  
Isn't Google close to declaring e-warfare on China or something... Atleast according to Cnet.

All the Japanese people I know irl and on FFXI all use Firefox hmm..
Best way to stop your school from using IE is to hack them using IE exploits.
A new week a new IE exploit again I've heard of two recently. iirc Google found them in their tech labs after a Gmail user had her account hacked from China.
 Ramuh.Dasva
Offline
サーバ: Ramuh
Game: FFXI
user: dasva
Posts: 40469
By Ramuh.Dasva 2010-01-19 14:58:34  
Siren.Juilan said:
Isn't Google close to declaring e-warfare on China or something...
I would love to see this. Wonder who would win
 Ifrit.Kungfuhustle
Offline
サーバ: Ifrit
Game: FFXI
Posts: 24692
By Ifrit.Kungfuhustle 2010-01-19 15:02:54  
Ramuh.Dasva said:
Siren.Juilan said:
Isn't Google close to declaring e-warfare on China or something...
I would love to see this. Wonder who would win

Google is basically trying to chip away the Great Firewall of China, but China has about 2 billion people, Google cannot win!
 Bahamut.Dracondria
Offline
サーバ: Bahamut
Game: FFXI
Posts: 324
By Bahamut.Dracondria 2010-01-19 15:08:34  
I always keep a firefox installer in my personal folder in school so I can reinstall firefox after they format the computer each week.
 Lakshmi.Azrial
Offline
サーバ: Lakshmi
Game: FFXI
user: Azrial
Posts: 93
By Lakshmi.Azrial 2010-01-19 15:11:28  
The Chinese dont just eat dogs.........


http://www.getwonder.com/05/cook-everything-yesincluding-baby-they-eat-babies.html



Uh, I'm gonna go ahead and lable this NSFW... or hell, anywhere. Srsly.
 Kujata.Erim
Offline
サーバ: Kujata
Game: FFXI
user: Erim
Posts: 704
By Kujata.Erim 2010-01-19 15:17:33  
You guys realize that Firefox had the most exposed vulnerabilities in 2009 right?

Choosing one popular browser over another does not make you safe.

IE or Firefox, either way you're at risk.
 Ifrit.Kungfuhustle
Offline
サーバ: Ifrit
Game: FFXI
Posts: 24692
By Ifrit.Kungfuhustle 2010-01-19 15:19:03  
Kujata.Erim said:
You guys realize that Firefox had the most exposed vulnerabilities in 2009 right?

Choosing one popular browser over another does not make you safe.

IE or Firefox, either way you're at risk.

would you rather be followed on the way home from school, or get kidnapped, assraped, and have those pics posted on the net?

That's basically the debate between IE and FF.
 Lakshmi.Wardens
Offline
サーバ: Lakshmi
Game: FFXI
user: Wardens
Posts: 679
By Lakshmi.Wardens 2010-01-19 15:24:30  
Kujata.Erim said:
You guys realize that Firefox had the most exposed vulnerabilities in 2009 right?

Choosing one popular browser over another does not make you safe.

IE or Firefox, either way you're at risk.

True story. Screw anybody who says otherwise.
 Carbuncle.Shokox
Offline
サーバ: Carbuncle
Game: FFXI
user: Shokox
Posts: 633
By Carbuncle.Shokox 2010-01-19 15:26:06  
The only real major problem with Firefox is that it has huge memory leak problems with increasing Add-On additions. If not for that it's good; everyone should have NoScript/Adblock Plus as a minimum for safer surfing.

When it comes to this discussion with FFXIAH (and every other FFXI/FFXIV site), it's IE that's the poorer choice for surfing.
 Kujata.Erim
Offline
サーバ: Kujata
Game: FFXI
user: Erim
Posts: 704
By Kujata.Erim 2010-01-19 15:28:03  
Ifrit.Kungfuhustle said:
Kujata.Erim said:
You guys realize that Firefox had the most exposed vulnerabilities in 2009 right?

Choosing one popular browser over another does not make you safe.

IE or Firefox, either way you're at risk.

would you rather be followed on the way home from school, or get kidnapped, assraped, and have those pics posted on the net?

That's basically the debate between IE and FF.

No, that's not the difference at all, but if that's what you wish to believe go right ahead. I'm not defending IE here, but I'm certainly not going to defend Firefox either. It comes with the ground of being the popular choice, which is why the Windows OS is constantly having trouble with viruses, trojans, etc. and Linux isn't. Why would a "hacker" waste his time trying to infect 1% when he could be aiming for 99%. With the majority of people divided over IE and Firefox, both have become targets and one is no safer than the other unless you're on Windows XP.
 Ramuh.Lilbusta
Offline
サーバ: Ramuh
Game: FFXI
user: phatspade
Posts: 4580
By Ramuh.Lilbusta 2010-01-19 15:29:07  
Someone forgot the 10% Apple users.
 Kujata.Erim
Offline
サーバ: Kujata
Game: FFXI
user: Erim
Posts: 704
By Kujata.Erim 2010-01-19 15:30:11  
They aren't people, they don't count. lol

Okay, really, it was just an example. :P
First Page 2 3
Log in to post.