Major flaw revealed in Internet Explorer; users urged to switch

Tue Dec 16, 2008 11:49AM EST

See Comments (161)

The major press outlets are abuzz this morning with news of a major new security flaw that affects all versions of Internet Explorer from IE5 to the latest beta of IE8. The attack has serious and far-reaching ramifications -- and they're not just theoretical attacks. In fact, the flaw is already in wide use as a tool to steal online game passwords, with some 10,000 websites infected with the code needed to take advantage of the hole in IE.

Virtually all security experts (as well as myself) are counseling users to switch to any other web browser -- none of the others are affected, including Firefox, Chrome, and Opera -- at least for the time being, though Microsoft has stubbornly said it "cannot recommend people switch due to this one flaw." Microsoft adds that it is working on a fix but has offered no ETA on when that might happen. Meanwhile it offers some suggestions for a temporary patch, including setting your Internet security zone settings to "high" and offering some complicated workarounds. (Some reports state, however, that the fixes do not actually work.)

Expedient patching or switching are essential. Security pros fear that the attack will soon spread beyond the theft of gaming passwords and into more criminal arenas, as the malicious code can be placed on any website and can be adapted to steal any password stored or entered using the browser. It's now down to the issue of time: Will Microsoft repair the problem and distribute a patch quickly enough to head off the tsunami of fraud that's about to hit or will it come too late to do any good?

Meanwhile, I'll reiterate my recommendation: Switch from Internet Explorer as soon as you can. You can always switch back once the threat is eliminated. (To clarify: You don't need to uninstall IE, just don't use it for the time being.)

Links for other browsers to try: Firefox Chrome Safari Opera

Comments on Major flaw revealed in Internet Explorer; users urged to switch

Post a Comment

Join in the discussion. Here you'll see the comments in the order they were posted.

  • 146 Posted by kntc71 on Thu Sep 3, 2009 4:52PM EDT Report Abuse

    I tried to download it... but when I got to the page it said "internet Explorer cannot display the page" so needless to say... im still stuck with the crap version...

  • 147 Posted by mguzman011 on Thu Sep 3, 2009 7:17PM EDT Report Abuse

    um guys??? this sorta seems like an AD why?gee well get rid of IE get FireFox!! sorta seems like subliminal messaging!!!!! also ive used IE and never has my computer crashed!!!!but one day i wanna get a MAC!! but back 2 da point i dont care wat people think... :P lol im Soryy..

  • 148 Posted by lvngsrn on Thu Sep 3, 2009 7:01PM EDT Report Abuse

    Dont worry you firefox users will get yours soon enough..LOL

  • 150 Posted by arctic_avengers_2005 on Thu Sep 3, 2009 2:57PM EDT Report Abuse

    Vista...is a luxury we have Windows 7...is a luxury we will soon have Time...is not MICROSOFT! MAKE THE PATCH AND PUBLI----- ! IN LESS THAN 1 WEEK OR ELSE! LOTS OF PEOPLE CAN EASILY ABUSE SECURITY FLAWS ONCE DISCOVERED

  • 151 Posted by arctic_avengers_2005 on Thu Sep 3, 2009 2:57PM EDT Report Abuse

    oh wait.....they patched it already.... :p nver mind my last comment.... anyway....whenever a new security flaw is found, please patch it ASAP

  • 152 Posted by cryhavoc2004 on Thu Sep 3, 2009 3:31PM EDT Report Abuse

    I've suspected there was code like that on MySpace for a while now. And I use FireFox. I think it has to do with the RemoteAccess service in XP. For some reason, Microsoft doesn't default this to disabled. I had a ton of problems until I disabled Remote Access in the Services screen. I still have a few issues, but I think that I just need to change my password now.

  • 154 Posted by lattie_smart on Thu Sep 3, 2009 4:57PM EDT Report Abuse

    First this, then the Zune New Years Debacle! (and the subsequent denials). Is MS software now all outsourced to Albanian middle-school dropouts? Nah, Albanian tweens would be too conscientious to produce this kind of crap and cover-ups.

  • 155 Posted by chameleon42@ymail.com on Thu Sep 3, 2009 3:21PM EDT Report Abuse

    Um, mguzman011, like have uz evur konsidered A FRIGGIN SPELLCHECKER? Seriously, there are these funny things that are called "complete sentences." Get some, they're all the rage! Your spelling and (lack of) grammar certainly do indicate that "u dont care wat peeplz thnks." It's not cool, sorry, KEWL, it makes you seem as though you are a MORON. And perhaps you should look up what "subliminal messaging" actually IS before you refer to it. Subliminal, by definition, means NOT ABLE TO BE PERCIEVED. You can't SAY something, and have it BE subliminal. Sheesh. We now return you to a relatively intelligent conversation. Unless mguzman011 decides to chime in again.

  • 156 Posted by usmc1a on Thu Sep 3, 2009 10:29PM EDT Report Abuse

    I have lost my IE, cant get it to open. Now use firefox, much easier,

  • 157 Posted by poopars on Thu Sep 3, 2009 8:16PM EDT Report Abuse

    I thought everyone knew that IE sucked.

  • 158 Posted by cooks76082 on Thu Sep 3, 2009 3:29PM EDT Report Abuse

    People it's all political! It is all about marketing. If you get sucked up into it by these rags, then you deserve your outcome. Sure experts will state that it's a "real" threat...afterall wouldn't you if Google, etc., were paying you good $$$ to say so? Every browser, software, hardware, etc., has it's flaws and they always will. Live with it. Keep it updated and you'll have less problems. Quit getting your butts sucked into the politics of marketing.

  • 159 Posted by hotmama102344 on Thu Sep 3, 2009 4:20PM EDT Report Abuse

    I mainly use firefox, but when I need to go online to the county of westchester in NYS I must use explorer to do the legal database on line, and they have no plans to make anything else work. So I'm stuck

  • 160 Posted by odusmagoo on Thu Sep 3, 2009 7:43PM EDT Report Abuse

    search the error you get. Try removing the latest update to IE. I received the error auto-suggest drop down not responding after the latest update and removing it solved the problem of IE not opening. Auto-updates will reinstall it, so watch out. Perhaps the next update will patch it.

  • 161 Posted by zhi541@yahoo.cn on Fri Sep 18, 2009 3:31AM EDT Report Abuse

    Discount Beijing hotels in China-Book star hotels in Beijing. Book now for great savings up to 80% only from BookChinaOnline. http://www.bookchinaonline.com/au/beijing-hotels beijing hotels

More Posts: First Prev 7 8 9 Next Last

Post a Comment

Sign In to Post a Comment

My Tech

Please enable your browser's cookies to activate the My Tech column.

Also on Yahoo! Tech

Computers Home Office Wi-Fi & Networking Phones & PDAs Cameras & Camcorders TV & Home Theater Portable Audio
 

Site Map | Tour | Subscribe to Yahoo! Tech

Question and Answer content at Yahoo! Tech is written by Yahoo! users at Yahoo! Answers. Yahoo! does not evaluate or guarantee the accuracy of any Yahoo! Answers content. For more information, read the Full Disclaimer.

Opinions expressed by the Advisors are their own and do not necessarily reflect the views of Yahoo! Inc. Yahoo! receives no compensation from any manufacturer or distributor nor does it compensate any Advisor for the coverage of any product or service in any Advisor's content.