Actively Exploited IE7-IE11 Flaw Allows Drive-By Malware Downloads

[Guest]

Microsoft emits emergency patch for a zero-day flaw found in Internet Explorer versions 7 through 11, found by Google researcher, Clement Lecigne. Users should update their machines immediately as the vulnerability is already actively exploited.

Actively Exploited IE7-IE11 Flaw Allows Drive-By Malware Downloads : Read more

 

[nukemaster]

This can not be.

I thought only flash was the only Vulnerability and killing it off would put an edit to all the problems on the internet.

Every hole they plug will lead hackers to find 2 more.

All software has holes, it is just a matter of finding them.

At least it is being taken care of fast.

Ad blockers are more important than ever.

 

[shiitaki]

My solutions? Pretty damned obvious. I did not know that adds were free to post, and anyone could use the service anonymously! Oh wait! I'm pretty certain that is NOT the case. Google and Yahoo have both been serving up malware adds. The team Zero day is doing a great job of finding problems, the sales team on the other hand is quite literally destroying their business model. As the other poster mentions, a good ad blocker may be the most important security measure. Google and Yahoo are literally blowing holes in their own business model. What is the solution? Google and Yahoo can start cancelling the accounts of companies posting Malware. They can start inspecting adds like they inspect everyone's emails!

Seriously! This is ridiculously obvious that the add companies are responsible for the content they host. Apparently it is completely legal to hack peoples computers, and write as well as distribute malware. Because all you have to do is follow the money, you morons! Get off your ass and save your business! If you need helping connecting the dots, those guys in the Zero day department seem to be competent.

Now if you'll excuse me, I have to go find a good adblocker, and do my part in putting a crimp in Google, Yahoo, and all of the other add companies face rolling on this.

 

[willgart]

what??? Google is responsible for this exploit??? because this is going through ADs... so its Google fault. no ads no problem.
and why they create ads which are more than a single image?
I still dont understand these scripts everywhere while a simple image do the job.

Send the image to Google, so no redirect to any 3rd party site, first point and a validation can be applied by Google before accepting the ADs...

 

[nukemaster]

Send the image to Google, so no redirect to any 3rd party site, first point and a validation can be applied by Google before accepting the ADs...

One can dream.

Google is not alone and all advertisers seem to do it that way.

This is how it was done in the old days(just a small banner that did not try to pretend to be part of the site).

 

[johntheawe]

LOL. I and EVERYONE that I know (I reside in hacking/pentesting communities) KNEW this would happen. It is a cold hard fact that some 0-day exploits would be released for it. And I already know how many are running around for windows 10 and microsoft edge.

 

[Iamsoda]

Its sad and I try to play it ethical with having adds (content isn't free), but at the same time its hard to risk not having add block on. I normally keep it disabled on a few favorite/trusted sites.

 

[JerryCaldwell]

Any Ad Blocker recommendations? It seems like a minefield out there trying to Down-load good tools.

 

[Clayman1000x]

Good thing I don't use IE or Windows.

 

[Iamsoda]

Any Ad Blocker recommendations? It seems like a minefield out there trying to Down-load good tools.

I use this https://adblockplus.org/releases/adblock-plus-12-for-internet-explorer-released