back to article Every single Internet Explorer at risk of drive-by hacks until Patch Tuesday

Microsoft has lined up a bumper Patch Tuesday this month to snap shut a backbreaking 57 security vulnerabilities in its products. Five of the 12 software updates addressing the gaping holes will tackle critical flaws that allow miscreants to execute code remotely on vulnerable systems. In all, the soon-to-be-patched …

COMMENTS

This topic is closed for new posts.

Page:

Silver badge

Oh no! That means every single installation of Windows where I let my users use Internet Explorer as their browser will have to be taken offline.

Oh. Already did that. About 10 years ago. Hell, I have user-agent checking on the proxy that filters the net and IE flags an alert (sadly, so do some old versions of Office and ancient applications that like to use IE as a "plug-in" to get their web access - nothing much lost by blocking of them also, though).

If you're still using IE, you really should have sorted out whatever-problem it was that kept you on it AT LEAST 10 years ago. You can say that all your ActiveX and backend software or whatever "requires" IE, but that doesn't mean you still shouldn't have sorted that problem - by moving to a system that DOESN'T need it.

22
26
Silver badge
Windows

So,

this entire article doesn't concern you in the slightest..

But thanks for your (in my case at least) unwanted opinion on a browser you don't use and haven't for 10 years!

32
11

This post has been deleted by a moderator

Silver badge

Re: So,

It does concern me. That people still are deploying / using IE 10 concerns me greatly. It doesn't affect me directly, however, but that doesn't mean that I a) have no opinion on a public forum on the issue, b) can't express that opinion and c) can't discuss the problem with others.

I commented on a Wii U page the other day but don't own one. Is that forbidden too?

13
16
JDX
Gold badge

Re: So,

>> The parent poster posted useful information.

No, he posted rhetoric based on information that by his own admission a decade out of date.

13
3
Flame

careful with that word "you"

as a consumer of corporate IT services, I don't have a say in the broken software selection process that causes horrible things like Ultipro or other internet-explorer only webservices to be foisted upon me. I suspect that IT frequently doesn't get much say either-- some bean counters get wowed by salespeople and they are the ones who get to choose the payroll system (for example). Bean counters who don't give a crap about corporate security or browser compatibility.

Here at the bottom of the foodchain, there's not a lot of choice. If I want to get on with my real job, the easiest thing is to use IE for anything on our intranet, and since it's already fired up, might as well use it for the internet too. It doesn't make me happy, but it's better than fucking around with some combination of firefox, chrome, and opera and hoping I can find one that is compatible with each of our services with enough cursing, plugins, and modification of settings.

5
0
Silver badge
Windows

Re: So,

No Eadon , he didn't.

He took a leaf out of your book by moaning about something that, by his own admission, he knows nothing about and doesn't use or endorse.

Much like your good self.

4
1
Silver badge
Windows

Re: So,

You are entirely entitled to your opinion. But your opinion is IE is that its shit and you have no problem to discuss (you don't use IE so have no problems).

You can comment on whatever you wish, as my I and the other commentards do but bleating about how bad IE is and that you don't use it and that others are foolish for doing so is self imposed snobbery and the likes of you and Eadon contribute (in this instance) little, other than to bash MS/IE.

4
1
Anonymous Coward

I guess you don't check all your software properly then - and havn't realised that current versions of Internet Explorer have far FEWER security vulnerabilities than other commonly used browsers like Chrome or Safari? We have nearly eliminated such vulnerable third party browsers from our environment and have far less effort patching each month to complete because of it. Any IE issues are easily patched via WSUS / SCCM.

1
1
Silver badge

@AC 19:30

That's partially true, as each browser has it's own small drama theatre when it comes to vulnerability and compatibility. It quite often simple depends on which side of the fence(s) you're parked when it comes to a corporate environment.

Still... It's stupid to simply compare IE as it is now to the unmitigated frustration it delivered 10 years ago. Then again, 10 years ago Netscape wasn't a rose garden either...

0
0
Bronze badge
Mushroom

These are rather more of current note than the IE issues:

http://secunia.com/advisories/52064

http://secunia.com/advisories/52116

Note that the Flash player issue is currently being actively exploited against both PCs and Macs.

0
2
Anonymous Coward

moving to a system that DOESN'T need it.

Sharepoint is such a Bitch.

6
0
Silver badge

Re: moving to a system that DOESN'T need it.

Is there any actual point to Sharepoint beyond an attempt to drum up some cash for Microsoft? Beyond a few little bells and whistles it just seems to me to be a poor man's much slower shared drive.

13
1

This post has been deleted by a moderator

Anonymous Coward

Re: moving to a system that DOESN'T need it.

In fairness, Sharepoint allows for versioning of the documents, and a slightly better access control model than a normal Windows share.

Not that you couldn't achieve the same sorts of goals with other solutions, but Sharepoint does them, and does integrate with the rest of Microsoft's applications - which is rather the idea: you need Sharepoint if you use Office, and if you use Sharepoint you really should use IE, and if you use IE you may as well use IIS, and if you use IIS....

2
1
Anonymous Coward

Re: moving to a system that DOESN'T need it.

In fairness, Sharepoint allows for versioning of the documents, and a slightly better access control model than a normal Windows share.

At the cost of turning Files into Objects, and hiding the distinction. And requiring IE

9
0
Silver badge
Thumb Up

Re: moving to a system that DOESN'T need it.

Sure. Part of my salary comes from our SharePoint support :)

2
0
Silver badge
Boffin

Re: moving to a system that DOESN'T need it.

And good luck getting your data back when Sharepoint borks its repository.

You just need to be familiar with MS SQL :)

At the cost of turning Files into Objects, and hiding the distinction. And requiring IE.

It doesn't require it. It just works a little more smoothly. Most things can be done with Chrome and in some cases you are actually saved from something unpleasant. Chrome doesn't support 'in browser editing' so you're forced to d/load the document and edit outside of the browser which is generally a good thing.

2
0
Silver badge

Re: moving to a system that DOESN'T need it.

Has anyone tried using LibreOffice 4 with Sharepoint yet?

I'd be interested to know the result.

But yes, Sharepoint is a nasty piece of work - it encourages the use of MS word doc format with embedded visio and excel for the storage of useful information. Pre-2010 it habitually ate documents like a spy with a secret on a bit of paper.

If you're going to do distributed web authoring with versioning, do a wiki. Don't faff around trying to make Office a web thing.

2
0
Anonymous Coward

Re: moving to a system that DOESN'T need it.

Well that would depend on if you had a competent SQL server admin, had backed up your databases - or had tried either of the 2 layers of SharePoint recycle bins?

Oh you installed it on a local SQL database and didn't back it up? How's the job hunt going now that they replaced you with someone competent?

0
0
Silver badge
Stop

Re: moving to a system that DOESN'T need it.

> How's the job hunt going now that they replaced you with someone competent?

I'm not a SharePoint admin. I help develop an application that can recover SharePoint data without needing SharePoint to be installed. Doesn't even need MS SQL to be installed. All it needs is the database files and a spare workstation to run on. In the course of my job I have to maintain a few SP servers for testing. The backup facility is a bit naff but it usually does its job. We also use SP for our in-house documents which is where my user experience comes from.

If someone has a problem with their site(s) it actually works in my favour ;)

P.S. If you look at my post you'll see the grin smiley. That's because it wasn't an entirely serious comment.

0
0
Linux

Microsoft Internet Explorer.....

If it was toilet paper, I'd rather use my hand to wipe my arse with.

14
4
Anonymous Coward

Re: Microsoft Internet Explorer.....

Because your hand is free like Open Source right?

1
2
Anonymous Coward

And Windows Mobile 6.x?

I bet they ignore Windows Mobile 6.x devices as usual. It's like these things don't exist now that Microsoft has Windows Phone. The realistic end-of-life for WM6.x was as soon as OEMs released their first ROMs to production.

6
0
Anonymous Coward

Re: And Windows Mobile 6.x?

I guess the browser in Windows Phone is unaffected by this Internet Explorer vulnerability.

0
1
Anonymous Coward

Re: And Windows Mobile 6.x?

Probably it's unaffected - yes. No unsigned code will run on WP.

0
0

This post has been deleted by a moderator

Anonymous Coward

Re: Microsoft screw up YET AGAIN

One day you won't be tedious. Maybe.

In other news, my Opera, Chrome and Firefox installs on Windows and Linux have all had updates some for gaping security holes, I suppose they're not a problem though because they're not MS software.

23
5

This post has been deleted by a moderator

Silver badge
Facepalm

Re: Microsoft screw up YET AGAIN

One day Windows will be ready for the desktop.

Indeed. Maybe one day lots of people will be able to use Windows to do their job and we might even see it being installed on home machines. Maybe if it's really good it will one day become the dominate desktop platform.

Oh, wait...

11
4
Anonymous Coward

Re: Microsoft screw up YET AGAIN

Although apparently it's not today that you've chosen to not be tedious...

3
0

This post has been deleted by a moderator

Silver badge
Thumb Down

Re: Microsoft screw up YET AGAIN

See my point?

How much money is earned every day by people using Windows as a desktop platform? How many home users rely on Windows every day to power their computers?

Do you see my point?

8
1
Facepalm

Re: Microsoft screw up YET AGAIN

"It is difficult to get a man to understand something, when his salary depends upon his not understanding it!"

Do you see Upton Sinclair's point?

7
0

This post has been deleted by a moderator

Silver badge
FAIL

Re: Microsoft screw up YET AGAIN

> Hello MS PR droid :)

I think you mean "Hello fellow MS PR droid :)"

Your posts are so inane and full of hot air, that you are letting the Linux side down. You must be an MS shill!

12
1
Silver badge
Headmaster

@Eadon RE "Hello MS PR droid :)" You are up to it again Eadon and you still, apparently....

......do not get it. El Reg's Vanguard of the Commentariat are a fairly mixed bunch. The largest grouping are (if such labels have any meaning) Android enthusiasts (as far as their phones are concerned at any rate) the second largest group is (as far as I can tell) those who like what Cupertino produce and the third group (rather smaller but not insignificant are our compadres of the Linux persuasion). In fact, "Softies" or MS-fanbois are almost non-existent here - where they do exist they, very wisely, keep their heads very firmly below the parapet. You are a most remarkable commentard - unique in fact. I have never seen any member here (in the last three to four years I have posted on this site) who has managed to achieve what you have. No member, in my experience, has ever made himself such a figure of derision or attracted so many down-vote hosings as you have. Now you may comfort yourself with your little delusion that anyone downvoting you is a closet Redmond-bumboi. I am fairly certain that you are very much mistaken - to get the regular hosings you have as far as down-votes are concerned you have succeeded in pissing off people from all the groups I have mentioned above. Your very special blend of idiocy and abuse directed at anyone you disagree with, regardless in fact of what they have said or how they have expressed themselves, is not having quite the effect you might have hoped for.

10
1
Silver badge
Headmaster

@Jamie Jones " Your posts are so inane and full of hot air.................

.......................that you are letting the Linux side down. You must be an MS shill!"

Ah I see. You are proposing the "reverse FUD hypothesis" to explain his remarkable record hear at El Reg. Whilst I am not entirely unsympathetic to the suggestion I fear that the old saw "never subscribe to malice what idiocy can explain" still remains my favourite take on this kind of thing. Expressed bluntly, he has proved time and time again that he does not have the brains for anything so "advanced" as you are proposing.

:)

AF

4
1
Unhappy

@Arctic Fox

What I don't understand is how, with what must be a very high proportion of downvotes to upvotes, Eadon gets a silver badge. Isn't that supposed to be an indicator that it is a valuable contributor to El Reg's ecosystem? Makes me wish they'd just get rid of the badges, except maybe the gold ones for special commendation (e.g. Trevor Pott).

2
1

Re: Microsoft screw up YET AGAIN

So, only Windows is vulnerable to the kinds of remote attacks that lead to viruses? http://www.cvedetails.com/vulnerability-list/vendor_id-33/product_id-47/cvssscoremin-7/cvssscoremax-7.99/Linux-Linux-Kernel.html. That's just the vulns in the Kernel. I didn't bother checking all the thousand of packages the average Linux distro comes with.

Also has it occured to you that the reason we are seeing increased attacks on things like Java and Flash is that MS have done a lot of work to improve the security in all it's products?

I am no MS fanboy. I think Windows 8 and recent versions of Office are terrible. But, I don't think MS products are all bad.

2
1
Gold badge
Unhappy

Re: @Arctic Fox

"What I don't understand is how, with what must be a very high proportion of downvotes to upvotes, Eadon gets a silver badge. I"

IIRC A fair bit of it is down to the number of posts.

He is somewhat prolific.

The Gold award is a mix of numbers and a view on the quality of the posts taken by the staff of the site.

0
1
Silver badge
Meh

Re: @Arctic Fox

Yes prolific with the same post over and over and over again......................

There is a time and a place to put your reasoned argument or counterpoint in a discussion where it can be effective. However, just saying the same thing every time just makes your argument less effective as people either think you are a crank or just blot you out as background noise. Maybe the person has some kind of mental issue. One that involves fixation on a single topic. Would explain a lot.

2
0
Gold badge

Re: @Arctic Fox

Except for the part where I'm not really worthy of "a special commendation" as regards the comments section, as I spend at least as much of my time in the comments trolling the living piss out of folks as I do actually being helpful and/or useful.

That said, I love me my ignore feature, so I'd have a sad if they took my gold badge away. Personally, I think the solution to Eadon, Richto and so many others (including myself, most likely) is to give the "ignore" option to everyone. (Or get a proper friends and foes system going.)

Trolls wither without attention. I say this as a troll. With the exception of the truly sociopathic, we largely troll because we know we'll get a response. We're bored, angry, frustrated, curious or otherwise looking to vent an emotion in text form such that it provokes a response and allows us to continue an emotional conversation rather than a carefully logical and rational one.

In fact, I think the internet – and websites like El Reg – make it even worse than it used to be. Facts, logic, pedantry, [citation needed], overwhelming criticism to the smallest failure and so forth mean people must check, re-check and check all over again every single little thing they post, say or do. Humans just aren't built for that. We're not logical by nature. We're instinctual primates that have powerful emotions, urges, desires, "gut reactions," and are steered by loyalty, prejudice, and more.

Some days, we just want to hit something, damn it. Even if it is verbally rather than physically. Other days, we just want to vent our displeasure regarding a company, product, individual or so forth. Our society – especially amongst and amidst the technorati – rejects this. Repress your emotions. Control your feelings. Stop, think, get the opinion of the hivemind and test everything empirically. Under no circumstances hold an opinion on something, because opinions aren't backed by Big Data. Whitepaper, sir, or GTFO.

So these people – more amongst IT than elsewhere, I suspect – turn to trolling folks on the interbutts for release. It is "safe," and we can use the knowledge of the past hundred years worth of psychology and group dynamics that is often used against us to ensure a response from others. Emotional gratification in an environment where that is difficult to obtain. Bonus points if you can get a day job as an astroturfer doing the same thing.

Without attention, there is no gratification. There is no incentive to vent your spleen. Why write the diatribe, or come up with the witty one-liner? Americans will tell you that "speech you don't like should be met with more speech." People from a nation with actual functioning internet access will tell you that this is the single stupidest thing you can ever do.

Don't feed the trolls. Click ignore instead.

Beer, because it's beer thirty-five where I am, and you lot should have one too. Don't forget to downvote! Cheers.

3
0
Anonymous Coward

Re: "[the] Gold award is ... [partly based on] the quality of the posts

So how the hell have you got one then?

0
1
Silver badge
Thumb Up

Re: @Jamie Jones " Your posts are so inane and full of hot air.................

Arctic Fox, hey, I try to give everyone a chance - ever the optimist etc.! .. but I'm afraid you are probably right, and I must accept that there really *are* people like Eadon out there...

0
0
Silver badge
Thumb Up

Re: @Eadon RE "Hello MS PR droid :)" You are up to it again Eadon and you still, apparently....

"...... Your very special blend of idiocy and abuse directed at anyone you disagree with, regardless in fact of what they have said or how they have expressed themselves, is not having quite the effect you might have hoped for."

Best post ever!

0
0
Silver badge

Re: @Arctic Fox

"What I don't understand is how, with what must be a very high proportion of downvotes to upvotes, Eadon gets a silver badge."

El Reg said that you need 1000 upvotes to become silver, whilst downvotes are ignored. I assume that in the beginning, the Linux crowd didn't realise Eadons idiocy and thus upvoted him when it seemed appropriate..

But I agree, it does seem a bit of a farce.. I suggest they start to take downvotes into consideration, even if (say) 25% the weight of an upvote..

0
0
Bronze badge
Linux

Re: Do you see my point?

How about this @AndrueC,

How much money is squandered by businesses worldwide on removing malware from Windows WindblowZE systems??

Surely it has to amount to some serious coin?

And, it is an unnecessary expense for many companies. Some people even call it a WindblowZE tax.

So, if someone wants to point out that he decided to get the hell off of that rotten platform, and truly get some work done by either not using Windows WindblowZE (if that was possible); or at the very least, not use Internet Explorer ExploDer, then I sincerely applaud him.

Someone once said that stupidity is repeating the same mistake, over and over again, and expecting a different result. I would suggest, that continuing to Windows WindblowZE in light of its security nightmares, amounts to stupidity.

<--------------------------- Thank $DEITY I saw the light years ago.

0
1
Trollface

Re: @Arctic Fox

TL;DR

0
0
Anonymous Coward

Move along linux users

Only a horrible road accident to see here.

15
0

Page:

This topic is closed for new posts.

Forums