It looks like you're using an Ad Blocker.
Please white-list or disable AboveTopSecret.com in your ad-blocking tool.
Thank you.
Some features of ATS will be disabled while you continue to use an ad-blocker.
Microsoft rushes to fix browser after attacks; no fix for XP users
page: 1share:
(Reuters) - Microsoft Corp is rushing to fix a bug in its widely used Internet Explorer web browser after a computer security firm disclosed the flaw over the weekend, saying hackers have already exploited it in attacks on some U.S. companies.
PCs running Windows XP will not receive any updates fixing that bug when they are released, however, because Microsoft stopped supporting the 13-year-old operating system earlier this month. Security firms estimate that between 15 and 25 percent of the world's PCs still run Windows XP.
Microsoft disclosed on Saturday its plans to fix the bug in an advisory to its customers posted on its security website, which it said is present in Internet Explorer versions 6 to 11.
Microsoft rushes to fix browser after attacks; no fix for XP users
So, what have we here?
I read a similar news story in my local newspaper (De Telegraaf, Dutch) about this issue, in which it is stated that the US and UK governments are the source for this alarming announcement. That immediately raised some red flags for me, because I would think Microsoft would be the one to announce these sort of issues.
The press release quoted above by Reuters doesn't mention this at all, and indeed makes it look like it was announced by Microsoft.
However, I think it's a very convenient time to announce that virtually all Internet Explorer version still in use (6 to 11) are vulnerable.
(Emphasis added by me)
Still, he [Aviv Raff, chief technology officer of cybersecurity firm Seculert, ed.] cautioned that Windows XP users will not benefit from that update since Microsoft has just halted support for that product.
The software maker said in a statement to Reuters that it advises Windows XP users to upgrade to one of two most recently versions of its operating system, Windows 7 or 8.
Now we get to the meat of the article and what, in my opinion, is the real reason for this announcement: to scare users of Windows XP into upgrading to Windows 7 or 8 and squeezing some more money from their mostly empty pockets.
If this "security leak" was real, then the best advice would be to switch to another browser, independent of your Windows version. I really think this is a scam; that the security risk is either intentional or non-existent and that Microsoft is using its power to extort people into buying new products.
I've tried searching the Microsoft website for more technical information about this security leak, but I couldn't find anything about it. However, the FireEye website has a detailed page on the exploit, which you can find here. (Thanks to BuzzCory for the link)
edit on 29/4/2014 by RationalDespair because: Added link to FireEye website
edit on 29/4/2014 by RationalDespair because: (no
reason given)
originally posted by: RationalDespair
I've tried searching the Microsoft website for more technical information about this security leak, but I couldn't find anything about it...
FireEye.Com has a page about this exploit, giving an explanation of how it works.
And there is a fix for XP users: stop using the POS Internet Explorer browser. According to what I've been reading, the exploit doesn't work on Chrome, FireFox, or Safari. Seriously, though, I'm wondering if MS won't have a patch on their site soon, either one for all IE versions, or specific patches for each version, that could be downloaded & applied even by XP users.
While I can accept that there won't be any automatic updates for XP, as support has expired, it would be petty of MS not to offer a patch on their site for earlier versions of their security hole that poses as a browser.
edit on Tue Apr 29 2014 by DontTreadOnMe because: fixed
code
Why is it that IE always seems to be the most sieve like, leaky insecure browser ever?
If I cast my mind back I seem to remember every so often another story would appear about how IE is a huge security issue, which is then "fixed". But the fact that this is present in all from 6 -11 is worrying, especially when you consider how long IE has been in existence, it begs the question; Why wasn't is spotted sooner?
If I cast my mind back I seem to remember every so often another story would appear about how IE is a huge security issue, which is then "fixed". But the fact that this is present in all from 6 -11 is worrying, especially when you consider how long IE has been in existence, it begs the question; Why wasn't is spotted sooner?
a reply to: RationalDespair
Huh, so what? Upgrade to Mint Linux and forget Microsoft. Simplest solution I can think of.
Mint Linux
Huh, so what? Upgrade to Mint Linux and forget Microsoft. Simplest solution I can think of.
Mint Linux
The people who write anti-virus software are the same people writing the viruses.
Microsoft is force-feeding their products to us now. XP users are screwed. No choice but to buy the new one.
Planned obsolescence on crack.
Microsoft is force-feeding their products to us now. XP users are screwed. No choice but to buy the new one.
Planned obsolescence on crack.
a reply to: RationalDespair
There's really no good reason to use internet exploder, I mean explorer (IE). It's long been considered one of the most vulnerable browsers.
Out of the over a thousand (I haven't been counting, could be over 100,000 for all I know) websites I've tried, I've only found a handful so far that won't work right with anything but IE, and one of them was the windows update site. They use activeX controls which themselves seem to pose a security risk, and I do everything I can to avoid using such sites and IE, but if you do switch to another browser, keep in mind that you may still have to use IE on a few sites that use ActiveX controls.
Personally, I think Google is too "big-brotherish" already so I try to avoid Chrome for that reason, but Firefox is pretty decent if you want to use something other than IE so you can avoid these IE security issues
There's really no good reason to use internet exploder, I mean explorer (IE). It's long been considered one of the most vulnerable browsers.
Out of the over a thousand (I haven't been counting, could be over 100,000 for all I know) websites I've tried, I've only found a handful so far that won't work right with anything but IE, and one of them was the windows update site. They use activeX controls which themselves seem to pose a security risk, and I do everything I can to avoid using such sites and IE, but if you do switch to another browser, keep in mind that you may still have to use IE on a few sites that use ActiveX controls.
Personally, I think Google is too "big-brotherish" already so I try to avoid Chrome for that reason, but Firefox is pretty decent if you want to use something other than IE so you can avoid these IE security issues
edit on 29-4-2014 by Arbitrageur because: clarification
Gimme a break....
Tell me it isn't very convenient that RIGHT after XP goes on the DO NOT SUPPORT list there is all of the sudden a security breach.
Ill bet you dollars to donuts that the vulnerability was added in latest IE patch
Tell me it isn't very convenient that RIGHT after XP goes on the DO NOT SUPPORT list there is all of the sudden a security breach.
Ill bet you dollars to donuts that the vulnerability was added in latest IE patch
a reply to: Arbitrageur
Thanks for the advice. I already use Linux + Firefox, so I'm not personally affected in any way by the IE shenanigans. I just feel that announcing such a major exploit less than a month after support for Windows XP expired is a bit fishy.
Thanks for the advice. I already use Linux + Firefox, so I'm not personally affected in any way by the IE shenanigans. I just feel that announcing such a major exploit less than a month after support for Windows XP expired is a bit fishy.
More important questions:
WTH are you doing using IE still? At least for the last 10 years it has been a contagion pool for all computer related ailments.
And, WTH are you doing using XP still? Its been like 20 years now and there are far better systems in place.
And, XP is no longer supported, deal with it and change OSs.
This is not directed to the OP, just a generalisation.
WTH are you doing using IE still? At least for the last 10 years it has been a contagion pool for all computer related ailments.
And, WTH are you doing using XP still? Its been like 20 years now and there are far better systems in place.
And, XP is no longer supported, deal with it and change OSs.
This is not directed to the OP, just a generalisation.
edit on 2014u15201404am29 by Yusomad because: add last line
a reply to: Bassago
Not everyone can use linux. A whole lot of programs out there don't support linux at all. Leaves a lot of people with no choice but to use windows for the programs they need. I am in that boat, love linux, would have switched over full time to linux a long time ago if not for the programs I need.
Not everyone can use linux. A whole lot of programs out there don't support linux at all. Leaves a lot of people with no choice but to use windows for the programs they need. I am in that boat, love linux, would have switched over full time to linux a long time ago if not for the programs I need.
I would wait to hear what MS has to say about all this. As far as i can see there should be nothing stopping XP users from updating their IE like
anyone else. This sounds like someone trying to give bad press to MS.
or is it more propaganda so people buy a new license ?
i know it sounds scary for most, however it is not :
it's working out of the box for most configuration, it's faster, it's taking less resources from your ram and processor, it doesn't spy on you and it's so much safer virus/worn wise + when they make an update they don't make it sound like they just save your life :
it's called linux,
and the ubuntu distrib built on debian is for the everyday people that just use their computer to browse the web, play some video and do some word/excel job (yes there are plenty of alternate to ms office available they are free, work the same and you can save your files as ms office doc - and better even : make pdf in one click)
just do it now and you'll wondered why you haven't done it before
www.ubuntu.com... (the new LTS -long term service- was just released so you get 5 years service from now on - however the next LTS will be better than the current one so you'll be happy to upgrade - unlike when you change windows which is what it is : a gamble)
i know it sounds scary for most, however it is not :
it's working out of the box for most configuration, it's faster, it's taking less resources from your ram and processor, it doesn't spy on you and it's so much safer virus/worn wise + when they make an update they don't make it sound like they just save your life :
it's called linux,
and the ubuntu distrib built on debian is for the everyday people that just use their computer to browse the web, play some video and do some word/excel job (yes there are plenty of alternate to ms office available they are free, work the same and you can save your files as ms office doc - and better even : make pdf in one click)
just do it now and you'll wondered why you haven't done it before
www.ubuntu.com... (the new LTS -long term service- was just released so you get 5 years service from now on - however the next LTS will be better than the current one so you'll be happy to upgrade - unlike when you change windows which is what it is : a gamble)
edit on 29-4-2014 by anHairInTheSoup because: (no reason given)
a reply to: PhoenixOD
Interesting point, however my experience from using Windows and IE at work over the years has taught me some things about Microsoft, one of them being that they are not hesitant to release a patch for IE or any other MS product (non-OS) that will check the OS version and simply won't install if it doesn't match the intended platform, regardless whether it would work or not.
Interesting point, however my experience from using Windows and IE at work over the years has taught me some things about Microsoft, one of them being that they are not hesitant to release a patch for IE or any other MS product (non-OS) that will check the OS version and simply won't install if it doesn't match the intended platform, regardless whether it would work or not.
originally posted by: TKDRL
a reply to: Bassago
Not everyone can use linux. A whole lot of programs out there don't support linux at all. Leaves a lot of people with no choice but to use windows for the programs they need. I am in that boat, love linux, would have switched over full time to linux a long time ago if not for the programs I need.
that's legend, there is only one in fact and it's photoshop which you can run using a virtual machine (or wine if cs2).
there maybe other very few exception that don't work with wine and that concerns very few people (and they can setup a virtual machine which is a nobrainer)
a reply to: anHairInTheSoup
The only problem with linux is that the average joe is unable to make it function properly, I have been using computers since the early eighties and I would not use ubuntu for anything not work related, yes you can run vboxes for win programs, but its not the same. And, if you are a gamer, you can kiss ubuntu goodbye.
The only problem with linux is that the average joe is unable to make it function properly, I have been using computers since the early eighties and I would not use ubuntu for anything not work related, yes you can run vboxes for win programs, but its not the same. And, if you are a gamer, you can kiss ubuntu goodbye.
a reply to: Yusomad
another legend !
ubuntu works out of the box for all the common system, there is nothing to do apart import your bookmarks.
if you're a developper or don't have a common system, you are not a common user and should be able to do a google search to find the fix you'll need.
list of games supported by playOnLinux (it does the wine config for you, you have nothing to do) : www.playonlinux.com... (elder scrolls series, borderlands, they're most of all there)
if you play on steam you'll also see everyday more and more games are supported
then at the worst a virtual machine heavily tweaked (kill all services & listeners not needed to run the game )+ a powerful config + a proper snapshot and the loading will be instantaneous and the game experience may even be better
edit : and i forgot to mention steamOS
another legend !
ubuntu works out of the box for all the common system, there is nothing to do apart import your bookmarks.
if you're a developper or don't have a common system, you are not a common user and should be able to do a google search to find the fix you'll need.
list of games supported by playOnLinux (it does the wine config for you, you have nothing to do) : www.playonlinux.com... (elder scrolls series, borderlands, they're most of all there)
if you play on steam you'll also see everyday more and more games are supported
then at the worst a virtual machine heavily tweaked (kill all services & listeners not needed to run the game )+ a powerful config + a proper snapshot and the loading will be instantaneous and the game experience may even be better
edit : and i forgot to mention steamOS
SteamOS combines the rock-solid architecture of Linux with a gaming experience built for the big screen.
edit on 29-4-2014 by anHairInTheSoup because: (no reason given)
new topics
-
BIDEN Admin Begins Planning For January 2025 Transition to a New President - Today is 4.26.2024.
2024 Elections: 1 hours ago -
Big Storms
Fragile Earth: 2 hours ago -
Where should Trump hold his next rally
2024 Elections: 5 hours ago -
Shocking Number of Voters are Open to Committing Election Fraud
US Political Madness: 6 hours ago -
Gov Kristi Noem Shot and Killed "Less Than Worthless Dog" and a 'Smelly Goat
2024 Elections: 6 hours ago -
Falkville Robot-Man
Aliens and UFOs: 7 hours ago -
James O’Keefe: I have evidence that exposes the CIA, and it’s on camera.
Whistle Blowers and Leaked Documents: 7 hours ago -
Australian PM says the quiet part out loud - "free speech is a threat to democratic dicourse"...?!
New World Order: 8 hours ago -
Ireland VS Globalists
Social Issues and Civil Unrest: 9 hours ago -
Biden "Happy To Debate Trump"
2024 Elections: 9 hours ago
top topics
-
James O’Keefe: I have evidence that exposes the CIA, and it’s on camera.
Whistle Blowers and Leaked Documents: 7 hours ago, 14 flags -
Australian PM says the quiet part out loud - "free speech is a threat to democratic dicourse"...?!
New World Order: 8 hours ago, 13 flags -
Blast from the past: ATS Review Podcast, 2006: With All Three Amigos
Member PODcasts: 11 hours ago, 13 flags -
Biden "Happy To Debate Trump"
2024 Elections: 9 hours ago, 12 flags -
Mike Pinder The Moody Blues R.I.P.
Music: 11 hours ago, 8 flags -
What is the white pill?
Philosophy and Metaphysics: 11 hours ago, 6 flags -
Shocking Number of Voters are Open to Committing Election Fraud
US Political Madness: 6 hours ago, 6 flags -
RAAF airbase in Roswell, New Mexico is on fire
Aliens and UFOs: 9 hours ago, 5 flags -
Ireland VS Globalists
Social Issues and Civil Unrest: 9 hours ago, 5 flags -
Where should Trump hold his next rally
2024 Elections: 5 hours ago, 5 flags
active topics
-
Gov Kristi Noem Shot and Killed "Less Than Worthless Dog" and a 'Smelly Goat
2024 Elections • 41 • : 5thHead -
President BIDEN's FBI Raided Donald Trump's Florida Home for OBAMA-NORTH KOREA Documents.
Political Conspiracies • 38 • : SchrodingersRat -
Big Storms
Fragile Earth • 11 • : GENERAL EYES -
BIDEN Admin Begins Planning For January 2025 Transition to a New President - Today is 4.26.2024.
2024 Elections • 7 • : WannabeeAuCourant -
Joe Biden and Donald Trump are both traitors
2024 Elections • 65 • : MrMez -
Mood Music Part VI
Music • 3112 • : underpass61 -
James O’Keefe: I have evidence that exposes the CIA, and it’s on camera.
Whistle Blowers and Leaked Documents • 12 • : pianopraze -
Australian PM says the quiet part out loud - "free speech is a threat to democratic dicourse"...?!
New World Order • 6 • : Scratchpost -
"We're All Hamas" Heard at Columbia University Protests
Social Issues and Civil Unrest • 297 • : TheWoker -
Where should Trump hold his next rally
2024 Elections • 18 • : TheMisguidedAngel