Microsoft Confirms IE Fault in Google China Hack

[Marcus Yam]

Hackers exploited Internet Explorer security flaw in Google attack.

Microsoft Confirms IE Fault in Google China Hack : Read more

 

[botabota]

Thats why we have firefox

 

[Hanin33]

anyone surprised?

 

[4trees]

Using Google Chrome

 

[buckinbottoms]

Actually, it is still googles fault. The fix was available and has been available since IE7. Its called DEP. Google was either using IE6 which does not have the feature, or IE7 and did not enable DEP, or was using IE8 and manually turned the feature off since it is active by default.

 

[gzhang]

From MS security Advisory (provided above), it doesn't look like DEP can prevent this attack. Most likely the pointer can be used to alter the execution path, not a stack overflew bug.

 

[sublifer]

http://www.tomshardware.com/forum/20945-9-viewing-images

Come on people! Vote for Change!

 

[flyinfinni]

Doesn't sound like it was a known problem with a fix already available to me or Microsoft would not have admitted any part of the blame.

 

[war2k9]

As I remember some online saying ie8 is the safest web browser out there.
can we still trust ms ie8?

 

[CrashOverride90]

lol exactly the reason why i always use firefox with two top-notch security plugins (Adblock plus and noscript).

 

[STravis]

And this is why we don't trust MS software (no matter how much MS tries to convince us they care about security)..

 

[doc70]

there is no browser out there that has zero security flaws. Admittedly, some have more than others, I don't use IE on any of my Windows machines, but that does not excuse the fact that China uses this to exercise it's censorship.
Before blaming the homeowner for not having the latest and greatest locks on his doors I would still blame the burglar first for breaking in. If we start diverting the blame onto the wrong party then good luck when you become the victim.
As I have said it before, any PC/OS and any browser is only as smart as it's user. If the user is evil, the PC becomes "evil" as well.

 

[alextheblue]

"a vulnerability in Internet Explorer appears to be one of several attack mechanisms that were used in highly sophisticated and targeted attacks against several companies."

But clearly, it is IE's fault exclusively.

 

[ta152h]

IE kind of sucks, on a general basis, so that's the main reason I use Opera. Plus, no one is going to develop these attacks for Opera, since the market share is so low. On top of that, it's a fine browser.

I hate the IE user experience. It's typical Microsoft software - heavy handed, bloated, and buggy. I like Firefox, but, prefer Opera. I expect with Firefox getting so much market share, it might become a more attractive target.

Is it too late to let the Japanese take over China, instead of preventing it? For the life of me, I don't know why we coddle this country that is intent on undermining us. As Winston Churchill said, appeasement is like feeding a crocodile hoping he'll eat you last. We need to start making them pay for their nonsense. Otherwise, why will they stop? It's like feeding a Tiger steak, and hoping it will become a vegetarian.

 

[eddieroolz]

IE is good for me, I'll continue to use it.

 

[Guest]

is too late to stop the japanese bombing pear harbor too. is too late to stop the american nuke japan too. is to late to know that japanese auto is better than your own. is too late that you need to borrow money from china and buying everything from china for everyday needs. is too late to know that you can;t produce your own stuff with cheap labor eventhru you are poor now. is too late to boycut the chinese product and goods cause is so cheap that you cant get it anywhere anycountry that can make it with this quality and cheap. is too late to build your own factory to made your own stuff that cheap and you will spent your money buying american product anymore. is too late to rebuild your economy now since your government try to print more money to save the market but mostly all the ceo out there willing to spent the government saving funds as Christmas bones. is too late to realize that you are been too lazy and is too late to understand that sometime too much freedom stops you moving forward. the only way to stop the chinese is not by judge how and what they can do. you should worries more about yourself too see what you can do to make yourself better. china is evil at least but they never war against any country after ww2. I guess good eastern world love war against mideast.

 

[anamaniac]

Dissapointing to have apparantly missed a major flaw, however, Microsoft admitted their mistake and they're workign to fix it, so I'm satisfied with the outcome.

 

[Regulas]

What do you expect when MS ties their browser to the OS at the kernel level. Windows is a Swiss Cheese OS. Now flame me MS fanboys on how perfect 7 is.

 

[Regulas]

[citation][nom]sublifer[/nom]http://www.tomshardware.com/forum/ [...] ing-imagesCome on people! Vote for Change![/citation]
Half the idiot voters in the USA are mind numb idiot lemmings and voted for change in our President from Kenya and look what it got us, Socialism.

 

[back_by_demand]

[citation][nom]ta152h[/nom]IE kind of sucks, on a general basis, so that's the main reason I use Opera. Plus, no one is going to develop these attacks for Opera, since the market share is so low.[/citation]
That is a pretty bad excuse for using it. You are trading less security for being harder to find? This does not bode well if anyone deliberately targets you.

 

[back_by_demand]

[citation][nom]noshreiels@yahoocom[/nom]china is evil at least but they never war against any country after ww2.[/citation]
Oh no you didn't do that

http://en.wikipedia.org/wiki/Sino-Indian_War
http://en.wikipedia.org/wiki/Invasion_of_Tibet_(1950%E2%80%931951)
http://en.wikipedia.org/wiki/Sino-Vietnamese_War
http://en.wikipedia.org/wiki/People%27s_Liberation_Army_invasion_of_Xinjiang_(1949)
http://en.wikipedia.org/wiki/1987_Sino-Indian_skirmish
http://en.wikipedia.org/wiki/Chola_incident
http://en.wikipedia.org/wiki/Sino-Soviet_border_conflict

Know history much? Or just burying your head in the sand...

 

[back_by_demand]

[citation][nom]Regulas[/nom]Half the idiot voters in the USA are mind numb idiot lemmings and voted for change in our President from Kenya and look what it got us, Socialism.[/citation]
Dude, he's from Hawaii, and before you say "well all blacks are from Africa" unless you are Souix Nation or Cherokee you don't have much of an arguement.

 

[ta152h]

[citation][nom]back_by_demand[/nom]That is a pretty bad excuse for using it. You are trading less security for being harder to find? This does not bode well if anyone deliberately targets you.[/citation]

If you read the post, you'd see it was a secondary issue, not the primary. To me, it's simply the best browser to use. You have the followers who use IE and Firefox, which I don't have a problem with, so long as they've tried the others. Some of it is personal preference, but most people have never even tried others.

I don't know how people can use IE. It's such an obnoxious browser, and it's slow. Firefox I can understand.

The main reason I use Opera is it's available on virtually any version of Windows. I was fixing a friend's PC, that was running on Windows ME. He was suffering with IE 6. Firefox doesn't support it with any recent releases, and there was a lot of things he couldn't run with Flash. So, we upgraded him to Opera, and all of the sudden his computer can run a lot more things. If I have to support computers, I'd prefer they all use the same browser since I don't have to remember 150 different things. On top of this, I just think Opera is easier to use, and better.

The frosting on the cake is market share for IE is going to create the most attacks. Firefox will start getting them too. It's the main reason - I don't worry about this type of crap at all. But, it is reality if you do worry about it. And where is it written that IE is more secure than Opera? From what I have seen, all the attacks are on IE. That's not a good reason to think it's more secure.

 

[back_by_demand]

[citation][nom]ta152h[/nom]If you read the post, you'd see it was a secondary issue, not the primary. To me, it's simply the best browser to use. You have the followers who use IE and Firefox, which I don't have a problem with, so long as they've tried the others.[/citation]
I'm not dissing your choice, each to their own as it were, i'm just wary of any situation that relies on "not being noticed" to be safe, not just on the internet but life in general. Life has a habit of biting you in the ass when you do that. Stay safe bro'

 

[ta152h]

[citation][nom]back_by_demand[/nom]I'm not dissing your choice, each to their own as it were, i'm just wary of any situation that relies on "not being noticed" to be safe, not just on the internet but life in general. Life has a habit of biting you in the ass when you do that. Stay safe bro'[/citation]

Life has a way of biting you in the ass not matter what you do. You no doubt know what I'm talking about. You try to do the safe thing, and it turns out to be the dangerous thing. You try to do the smart thing, and it's the dumb thing. But, I'm pretty sure that IE is riskier than Firefox and Opera. That comes with the caveat that reality is a bad joke. Who would ever have thought the quickly thrown together, and treacherous instruction set of the 8086 would become the dominant one? Need I say more?

The only thing I have figured out is, no matter what I do, my ass is going to get bitten. The only solution is to learn how to deal with a bit ass. Every time I think I am doing the right thing to avoid it - CHOMP.