|
New IE Vulnerability
Fenrir.Scragg
Administrator
サーバ: Fenrir
Game: FFXI
Posts: 2579
By Fenrir.Scragg 2010-01-19 14:04:50
I've been logging many break-in attempts to FFXIAH and other hosted sites lately. Most of the IPs are coming from China and they are taking advantage of this latest IE vulnerability with embedded scripts.
http://secunia.com/advisories/38209/
According to the site it is currently unpatched and affects all version of IE.
Quote: A vulnerability has been discovered in Microsoft Internet Explorer, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to a use-after-free error when handling events when the object firing the event is removed from the markup.
Successful exploitation allows execution of arbitrary code when a user e.g. views a malicious web page.
NOTE: This vulnerability is currently being actively exploited.
Take extra caution when surfing and use a Non-IE browser. Avast does detect at least a variation of the code. If you host a Vbulletin, wordpress, or phpbb, make sure they are up-to-date.
[+]
サーバ: Asura
Game: FFXI
Posts: 64
By Asura.Envious 2010-01-19 14:06:39
Should get on the "block Chinese IPs" bandwagon. xD
サーバ: Asura
Game: FFXI
Posts: 36553
By Asura.Ludoggy 2010-01-19 14:08:54
Asura.Envious said: Should get on the "block Chinese IPs" bandwagon. xD Don't need to, they are doing a great job blocking themselves. =P
サーバ: Ifrit
Game: FFXI
Posts: 24692
By Ifrit.Kungfuhustle 2010-01-19 14:11:03
The Great Firewall of China, Google is slowly chipping it away, and letting the freaks spill over the top.
サーバ: Hades
Game: FFXI
Posts: 2647
By Hades.Stefanos 2010-01-19 14:15:56
In before Dasva white knight's IE? (Just kidding.)
Leviathan.Chaosx
サーバ: Leviathan
Game: FFXI
Posts: 20284
By Leviathan.Chaosx 2010-01-19 14:16:59
People still use IE?
サーバ: Ifrit
Game: FFXI
Posts: 24692
By Ifrit.Kungfuhustle 2010-01-19 14:17:40
Leviathan.Chaosx said: People still use IE?
unfortunately... yes, and they update it too.
Fenrir.Scragg
Administrator
サーバ: Fenrir
Game: FFXI
Posts: 2579
By Fenrir.Scragg 2010-01-19 14:27:00
36% of ffxiah users use IE
22% use IE8
10% use IE7
4% use IE6
Lakshmi.Antonios
サーバ: Lakshmi
Game: FFXI
Posts: 493
By Lakshmi.Antonios 2010-01-19 14:27:56
i use firefox n chrome
Ragnarok.Anye
サーバ: Ragnarok
Game: FFXI
Posts: 5449
By Ragnarok.Anye 2010-01-19 14:33:05
My school uses IE.... I wonder if I should warn them.... XD
Good thing I use Firefox Portable on my flash drive. :D
Scragg, does using Firefox or Chrome protect us by much? And are there any safety measures (besides not going to untrusted sites, of course) that we can take?
Ramuh.Dasva
サーバ: Ramuh
Game: FFXI
Posts: 40469
By Ramuh.Dasva 2010-01-19 14:34:10
Hades.Stefanos said: In before Dasva white knight's IE? (Just kidding.) Fine since you asked. If IE was so bad about this why is there a specific warning for something?
Also IE6... ewww. I don't think that even will display most the flash ads lol. Which kinda good and bad since I think it will have trouble viewing other stuff you want to
サーバ: Ifrit
Game: FFXI
Posts: 24692
By Ifrit.Kungfuhustle 2010-01-19 14:34:27
the computers on campus have both, some also have Chrome.
サーバ: Ramuh
Game: FFXI
Posts: 4580
By Ramuh.Lilbusta 2010-01-19 14:34:50
Leviathan.Chaosx said: People still use IE?
My work is one of them. Wonder if it's any site I'm on and not just this site.
Ramuh.Dasva
サーバ: Ramuh
Game: FFXI
Posts: 40469
By Ramuh.Dasva 2010-01-19 14:35:08
Ragnarok.Anye said: And are there any safety measures (besides not going to untrusted sites, of course) that we can take? I believe he mentioned Avast detects it... which really avast is good to use anyways
Fenrir.Scragg
Administrator
サーバ: Fenrir
Game: FFXI
Posts: 2579
By Fenrir.Scragg 2010-01-19 14:35:08
What is interesting,
Japan favors IE over next popular browser(firefox) almost 3:1
USA favors Firefox over IE 2:1
this is according to ffxiah analytics
[+]
サーバ: Ifrit
Game: FFXI
Posts: 24692
By Ifrit.Kungfuhustle 2010-01-19 14:38:36
well, Japan also likes to eat dogs....
Avast is great...
FF with the right plug-ins is great...
If you die without Christ, you're going to Wal-Mart...
[+]
Asura.Kajima
サーバ: Asura
Game: FFXI
Posts: 9
By Asura.Kajima 2010-01-19 14:46:37
im laughing inside right now so hard...
IE is one big vulnerability, its initial design was to coincide with Explorer in Windows to allow remote desktop access, with some browser capabilities... we've seen how far that's come.
if you are still using IE you deserve to be vulnerable.
Phoenix.Mikumaru
サーバ: Phoenix
Game: FFXI
Posts: 382
By Phoenix.Mikumaru 2010-01-19 14:49:35
Fenrir.Scragg said: I've been logging many break-in attempts to FFXIAH and other hosted sites lately. Most of the IPs are coming from China and they are taking advantage of this latest IE vulnerability with embedded scripts. http://secunia.com/advisories/38209/ According to the site it is currently unpatched and affects all version of IE. Quote: A vulnerability has been discovered in Microsoft Internet Explorer, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a use-after-free error when handling events when the object firing the event is removed from the markup. Successful exploitation allows execution of arbitrary code when a user e.g. views a malicious web page. NOTE: This vulnerability is currently being actively exploited. Take extra caution when surfing and use a Non-IE browser. Avast does detect at least a variation of the code. If you host a Vbulletin, wordpress, or phpbb, make sure they are up-to-date. ok so like what does this mean to those of us who know nothing about coding , programing , or anything else remotely related to the complex nature of computers ? I mean i run Firefox on my personal PC but the mom'n'dad , werk and Brother/sister still use IE .
Siren.Juilan
サーバ: Siren
Game: FFXI
Posts: 14
By Siren.Juilan 2010-01-19 14:55:11
Isn't Google close to declaring e-warfare on China or something... Atleast according to Cnet.
All the Japanese people I know irl and on FFXI all use Firefox hmm..
Best way to stop your school from using IE is to hack them using IE exploits.
A new week a new IE exploit again I've heard of two recently. iirc Google found them in their tech labs after a Gmail user had her account hacked from China.
Ramuh.Dasva
サーバ: Ramuh
Game: FFXI
Posts: 40469
By Ramuh.Dasva 2010-01-19 14:58:34
Siren.Juilan said: Isn't Google close to declaring e-warfare on China or something... I would love to see this. Wonder who would win
サーバ: Ifrit
Game: FFXI
Posts: 24692
By Ifrit.Kungfuhustle 2010-01-19 15:02:54
Ramuh.Dasva said: Siren.Juilan said: Isn't Google close to declaring e-warfare on China or something... I would love to see this. Wonder who would win
Google is basically trying to chip away the Great Firewall of China, but China has about 2 billion people, Google cannot win!
サーバ: Bahamut
Game: FFXI
Posts: 324
By Bahamut.Dracondria 2010-01-19 15:08:34
I always keep a firefox installer in my personal folder in school so I can reinstall firefox after they format the computer each week.
Lakshmi.Azrial
サーバ: Lakshmi
Game: FFXI
Posts: 93
By Lakshmi.Azrial 2010-01-19 15:11:28
The Chinese dont just eat dogs.........
http://www.getwonder.com/05/cook-everything-yesincluding-baby-they-eat-babies.html
Uh, I'm gonna go ahead and lable this NSFW... or hell, anywhere. Srsly.
Kujata.Erim
サーバ: Kujata
Game: FFXI
Posts: 704
By Kujata.Erim 2010-01-19 15:17:33
You guys realize that Firefox had the most exposed vulnerabilities in 2009 right?
Choosing one popular browser over another does not make you safe.
IE or Firefox, either way you're at risk.
サーバ: Ifrit
Game: FFXI
Posts: 24692
By Ifrit.Kungfuhustle 2010-01-19 15:19:03
Kujata.Erim said: You guys realize that Firefox had the most exposed vulnerabilities in 2009 right?
Choosing one popular browser over another does not make you safe.
IE or Firefox, either way you're at risk.
would you rather be followed on the way home from school, or get kidnapped, assraped, and have those pics posted on the net?
That's basically the debate between IE and FF.
Lakshmi.Wardens
サーバ: Lakshmi
Game: FFXI
Posts: 679
By Lakshmi.Wardens 2010-01-19 15:24:30
Kujata.Erim said: You guys realize that Firefox had the most exposed vulnerabilities in 2009 right?
Choosing one popular browser over another does not make you safe.
IE or Firefox, either way you're at risk.
True story. Screw anybody who says otherwise.
Carbuncle.Shokox
サーバ: Carbuncle
Game: FFXI
Posts: 633
By Carbuncle.Shokox 2010-01-19 15:26:06
The only real major problem with Firefox is that it has huge memory leak problems with increasing Add-On additions. If not for that it's good; everyone should have NoScript/Adblock Plus as a minimum for safer surfing.
When it comes to this discussion with FFXIAH (and every other FFXI/FFXIV site), it's IE that's the poorer choice for surfing.
Kujata.Erim
サーバ: Kujata
Game: FFXI
Posts: 704
By Kujata.Erim 2010-01-19 15:28:03
Ifrit.Kungfuhustle said: Kujata.Erim said: You guys realize that Firefox had the most exposed vulnerabilities in 2009 right?
Choosing one popular browser over another does not make you safe.
IE or Firefox, either way you're at risk.
would you rather be followed on the way home from school, or get kidnapped, assraped, and have those pics posted on the net?
That's basically the debate between IE and FF.
No, that's not the difference at all, but if that's what you wish to believe go right ahead. I'm not defending IE here, but I'm certainly not going to defend Firefox either. It comes with the ground of being the popular choice, which is why the Windows OS is constantly having trouble with viruses, trojans, etc. and Linux isn't. Why would a "hacker" waste his time trying to infect 1% when he could be aiming for 99%. With the majority of people divided over IE and Firefox, both have become targets and one is no safer than the other unless you're on Windows XP.
サーバ: Ramuh
Game: FFXI
Posts: 4580
By Ramuh.Lilbusta 2010-01-19 15:29:07
Someone forgot the 10% Apple users.
Kujata.Erim
サーバ: Kujata
Game: FFXI
Posts: 704
By Kujata.Erim 2010-01-19 15:30:11
They aren't people, they don't count. lol
Okay, really, it was just an example. :P
I've been logging many break-in attempts to FFXIAH and other hosted sites lately. Most of the IPs are coming from China and they are taking advantage of this latest IE vulnerability with embedded scripts.
http://secunia.com/advisories/38209/
According to the site it is currently unpatched and affects all version of IE.
Quote: A vulnerability has been discovered in Microsoft Internet Explorer, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to a use-after-free error when handling events when the object firing the event is removed from the markup.
Successful exploitation allows execution of arbitrary code when a user e.g. views a malicious web page.
NOTE: This vulnerability is currently being actively exploited.
Take extra caution when surfing and use a Non-IE browser. Avast does detect at least a variation of the code. If you host a Vbulletin, wordpress, or phpbb, make sure they are up-to-date.
|
|