If you can read this, either the style sheet didn't load or you have an older browser that doesn't support style sheets. Try clearing your browser cache and refreshing the page.

(Ars Technica)   Exciting news from 2001: Microsoft says Internet Explorer versions 6, 7, and 8 are vulnerable to remote code execution   (arstechnica.com) divider line 23
    More: Obvious, CFR, Internet Explorer Versions, Internet Explorer, Microsoft, workaround, design engineer, information systems, remote code execution  
•       •       •

770 clicks; posted to Geek » on 01 Jan 2013 at 1:12 PM (1 year ago)   |  Favorite    |   share:  Share on Twitter share via Email Share on Facebook   more»



23 Comments   (+0 »)
   
View Voting Results: Smartest and Funniest

Archived thread
 
2013-01-01 11:27:21 AM  
By this time, I have to assume those using IE are forced to, or just don't care.
 
2013-01-01 11:55:35 AM  
 When my mom's computer went sideways, I just installed Firefox and changed the icons to look like the "internet button." Today I'd probably do Chrome, but still. This is the best way you can help your family, people.
 
2013-01-01 12:13:50 PM  
the attack sprung from the Council of Foreign Relations website, creating a "watering hole attack" that left people who visited the site through older versions of the browser open to further attack.

Not exactly an "IE is vulnerable to remote code execution" bug.  It's vulnerable to attacks that only happen if you visit a malicious site.  The already-hacked machines are vulnerable to remote code execution, not every IE user.  It's slightly less bad.
 
2013-01-01 12:58:20 PM  

St_Francis_P: By this time, I have to assume those using IE are forced to, or just don't care.


Some sites interoperate only with MS, believe it or not.  Also, FWIW, MS isn't stealing your identity for profit, a la google.  I'd still go with a well defended FF as my default, adblock/nostript/ghostery to nuke out these ad tracking bugs, etc....
 
2013-01-01 01:19:20 PM  
More like 2010.
 
2013-01-01 01:26:23 PM  

angrymacface: More like 2010.


And 2014
 
2013-01-01 02:14:52 PM  

St_Francis_P: By this time, I have to assume those using IE are forced to, or just don't care.


Unless you are a techie or a web dev, you generally find a web browser about as exciting as Louis CK does IKEA rugs:

"It's flat, it's blue, it goes on the floor, it's not coated with AIDS, and it's not a portal to a netherplace. It doesn't make me cum, but it's fine."

Unless it is IE6, which pretty much IS coated with the digital equivalent of AIDS, most people will just go with what is preinstalled on their computer.
 
2013-01-01 02:26:31 PM  
the bad news is you're stuck with 8 if youre on xp.

oh wait windows isnt a closed platform and you can install whatever browser you want

for free
 
2013-01-01 02:28:02 PM  
well I'll upgrade from IE8 to 10 if they clean out all the crap that they added to IE9.

\Then I can use adblock and the stupid banner on fark will be correct
\\still can't figure out why it says that when I have never installed it
 
2013-01-01 02:29:39 PM  

Generation_D: St_Francis_P: By this time, I have to assume those using IE are forced to, or just don't care.

Some sites interoperate only with MS, believe it or not.  Also, FWIW, MS isn't stealing your identity for profit, a la google.  I'd still go with a well defended FF as my default, adblock/nostript/ghostery to nuke out these ad tracking bugs, etc....


it aint 2001 any more, so whoever made that site scammed you. It's more likely, however that you were scammed 10 years ago and still wont bother to hire someone competent to fix it
 
2013-01-01 02:30:31 PM  

Lanadapter: angrymacface: More like 2010.

And 2014


I said 2010 because IE 7 and 8 were not in existence in 2001.
 
2013-01-01 02:42:19 PM  

Generation_D: St_Francis_P: By this time, I have to assume those using IE are forced to, or just don't care.

Some sites interoperate only with MS, believe it or not.  Also, FWIW, MS isn't stealing your identity for profit, a la google.  I'd still go with a well defended FF as my default, adblock/nostript/ghostery to nuke out these ad tracking bugs, etc....


Google can EABOD for pretending that adding an integrated Flash player (like it's so hard to install yourself) is enough compensation for loading Chrome up with spyware. They also don't like add-ons that let you download YouTube videos. No thanks. I prefer Chromium browsers, but Google's Chrome isn't the only "flavour" out there. I use SRWare Iron.
 
2013-01-01 02:50:27 PM  

serial_crusher: Not exactly an "IE is vulnerable to remote code execution" bug.  It's vulnerable to attacks that only happen if you visit a malicious site.  The already-hacked machines are vulnerable to remote code execution, not every IE user.  It's slightly less bad.


If a "malicious" web site is allowed to execute raw code, then that's a remote code execution bug. I'm not really sure what you're trying to correct there. Website should not be able to execute just any code on your computer. The only "code" that should be "executing" on a website is Javascript, which should be sandboxed to only have access to a very limited set of things.
 
2013-01-01 03:05:47 PM  
i.imgur.com
 
2013-01-01 04:11:52 PM  

jonny_q: serial_crusher: Not exactly an "IE is vulnerable to remote code execution" bug.  It's vulnerable to attacks that only happen if you visit a malicious site.  The already-hacked machines are vulnerable to remote code execution, not every IE user.  It's slightly less bad.

If a "malicious" web site is allowed to execute raw code, then that's a remote code execution bug. I'm not really sure what you're trying to correct there. Website should not be able to execute just any code on your computer. The only "code" that should be "executing" on a website is Javascript, which should be sandboxed to only have access to a very limited set of things.


The term "remote code execution" specifically refers to attacks that don't require the victim to do anything.  i.e. just leaving the vulnerable software running is enough to get you hacked.  Hence the "remote" part.
Or have I been using it wrong?
 
2013-01-01 04:45:53 PM  

St_Francis_P: By this time, I have to assume those using IE are forced to, or just don't care.


IE9 is a fine browser.  Its my main browser.  I've never had a problem.
 
2013-01-01 05:13:59 PM  

downstairs: IE9 is a fine browser.  Its my main browser.  I've never had a problem.


I did when they patched it recently and caused rendering issues with certain javascript libraries which resulted in the browser falling back to compatibility modes. Nowadays, it's not even enough to test on IE, apparently, because you never know when an update is going to b0rk things.
 
2013-01-01 05:29:53 PM  

t3knomanser: downstairs: IE9 is a fine browser.  Its my main browser.  I've never had a problem.

I did when they patched it recently and caused rendering issues with certain javascript libraries which resulted in the browser falling back to compatibility modes. Nowadays, it's not even enough to test on IE, apparently, because you never know when an update is going to b0rk things.


Hmmmm... I haven't seen that.   I'm on Windows 7, and install all Windows Updates fairly immediately.
 
2013-01-01 07:05:25 PM  

Generation_D: St_Francis_P: By this time, I have to assume those using IE are forced to, or just don't care.

Some sites interoperate only with MS, believe it or not.


Most notably including Windows / Microsoft Update itself on WinXP (they finally made it its own application in Vista, Win7, and Win8). If you want to run that in FF or Chrome, you need something like IE Tab. Sure, you can enable Automatic Updates and get the updates that they deem Critical without using IE, but if you want the Recommended Updates as well (often including important security stuff such as Root Certificate updates) under WinXP or earlier, you have to use a Trident-engine browser (IE, IE Tab, or certain Microsoft tools with web browser windows such as Visual Studio or SQL Server Management Studio).
 
2013-01-01 08:48:14 PM  

downstairs: St_Francis_P: By this time, I have to assume those using IE are forced to, or just don't care.

IE9 is a fine browser.  Its my main browser.  I've never had a problem.


It's really not
http://html5test.com/results/desktop.html
138/500

You see the features aimed at you. You do not see what you're missing. I have to replicate the features that are meant to be built into your browser so the site shows up correctly for you. If I don't, I have to make it so the basic functions still work for you. That way you never notice the problem.

It's like bragging about how your apartment stays so tidy while oblivious to the fact that your roommate hired a maid. "I drop something on the floor, and the next day it's clean, folded and in my closet. It's a great apartment."
 
2013-01-02 01:00:15 AM  
Seriously, my company recently went to IE7.  Yes, we just got a 6 year old browser as our standard.

/And it's a tech company
 
2013-01-02 01:51:30 AM  
Years ago, I abandoned IE for Chrome. I think IE is still on my my machines though. Am I safe as long as I don't actually use IE?
 
2013-01-02 01:04:17 PM  
Good thing my company has me locked down to version 8 and won't allow me to do my own updates or installs. SECURITY!
 
Displayed 23 of 23 comments

View Voting Results: Smartest and Funniest


This thread is archived, and closed to new comments.

Continue Farking
Submit a Link »






Report