* Posts by tdss

2 posts • joined 19 Sep 2012

Redmond promises emergency IE bug fix on Friday (zero day + 5)


Partial quotations for the win....

The BSI only recommends the use of an alternate Browser until the flaw in IE has been fixed. It does not recommend to ditch IE.:

Daher empfiehlt das BSI allen Nutzern des Internet Explorers, so lange einen alternativen Browser für die Internetnutzung zu verwenden, bis der Hersteller ein Sicherheitsupdate zur Verfügung gestellt hat.


This is done because the work-around published by MS, EMET, is only available in English and not in German or any other language.


Inside the guts of a fiendish Internet Explorer 0-day attack


Re: Ouch!

Yes and when a vulnerability is discovered and no patch is available and the vulnerability is known to be exploited in the wild, it's daft to continue to use the vulnerable browser because "surely some time in the future there will be a patch for it'. You wouldn't continue to use your car if the brakes broke down, because "surely at some time in the future I will have it repaired and it'll be safe to use it from then on", you would switch cars until it is fixed...

The recommendation of BSI to switch browser until the patch is released really is the only right thing to do here (as the EMET, MS' proposed work-around, is not available in German).



Biting the hand that feeds IT © 1998–2017