Hang in there, Internet Explorer peeps: Gaping zero-day fix coming Tues Microsoft is preparing to close a wide-open security hole in Internet Explorer - a vulnerability state-backed spies are exploiting to mine organisations across Asia. A update to fix the flaw is among four critical patches Redmond has lined up for the October edition of Patch Tuesday, due next week. Versions 6 through to 11 of …
"I have. IE has had fewer holes than have been in Chrome, Firefox or Safari ever since IE7 onwards....."
And how many FF vulnerabilities are serious enough to allow a rootkit installation like this IE vuln. is merely by browsing a web-page containing a .jpg ?
"And how many FF vulnerabilities are serious enough to allow a rootkit installation like this IE vuln. is merely by browsing a web-page containing a .jpg ?"
FF has had a lot more "highly critical" vulnerabilities than any recent version of IE:
http://secunia.com/advisories/product/43196/?task=statistics
your readership aren't using IE unless forced to by some obscure web-page that still uses javascript pop-ups to alert users that they need to use IE and whose servers are hacked into since late 2000 but to-date nobody within the orgnisation even know why there are occasionally out-going traffic spikes the size of their entire DB to a obscure IP.
"I had to use IE the other day simple because no other browser would work on the site."
I've run into this at the corporate level where the only way to use an outside vendor's service, in this case, Big Name banks (which one? all of them) was with IE because that's what the specialized corporate customer software was written for.
To make it even more fun, you had to, HAD TO, have the latest Java updates or it still wouldn't work. Only problem with that was that the Java updates BROKE some in-house specialized software that, wait for it... handled certain accounting subroutines. Namely, the one where you first gathered your data to, wait for it again... send to the bank.
Getting IE to work properly is like Bullwinkle trying to pull a rabbit out of his hat.
And it’s funny because nobody uses IE any more, do they? What? Some moron in IT still thinks it’s easier to manage?
What I can’t understand is why a vulnerability that’s been known exploited for a month is called zero-day. Shouldn’t it be called –30 day?
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
