Half Monk 697 Report post Posted September 18, 2013 Normally, Microsoft releases security bulletins for software products on the second Tuesday of each month. That happened last week as scheduled, but today the company announced it has rushed out an additional patch designed to fix an exploit that has been found in Internet Explorer, and is being used in attacks on IE8 and IE9. In a post on its security response blog, Microsoft says the issue would allow a hacker to launch a remote code execution if a person surfs to a website using IE that contains malicious code. The blog adds, "There are only reports of a limited number of targeted attacks specifically directed at Internet Explorer 8 and 9, although the issue could potentially affect all supported versions. " The company has released a "Fix-it" patch, "CVE-2013-3893 MSHTML Shim Workaround" to plug this security hole in all currently supported versions of IE. In addition, Microsoft recommends that users set their security settings on the web browser to "High" to block any ActiveX Controls and Active Scripting on websites. It also recommends users set up IE so that it informs them ahead of time before running any Active Scripting features. The company plans to release a full security patch that will be a more complete solution to this problem in the near future. 1 Share this post Link to post Share on other sites
Saran999 288 Report post Posted September 18, 2013 Who's the one that still use IE? Firefox rulez! ...alas, the real problem still the IE system integration... that's a real threat! Share this post Link to post Share on other sites
ski9826 50 Report post Posted September 18, 2013 Unfortunately, other browsers don't really play well with M$ products sometimes and I have to knock the dust off my IE Btrowser....(IE: Sharepoint, office365 portal, etc.) 1 Share this post Link to post Share on other sites
Saran999 288 Report post Posted September 18, 2013 Yeah, you are sadly right... If you play/work with MS products then you have to stick with them all the long.... And the problem it's always bad coding habit and a mental closure that drives their sw projects. But if you look at the way MS coders are working, you may understand why. They are like in a group hell, where the best you can do at the end of the day is to try to save your bacon... 1 Share this post Link to post Share on other sites
ski9826 50 Report post Posted September 19, 2013 Heh. I've hung out in their QA department before...those guys (at least back in 2000 when I worked across the street) work for like 2 hours a day, get paid for 8 hours (at a nice rate too) then play video games and bullshit the rest of the time...must be nice! I hit 98 hours last week and got paid for 40...this week looks like it will be about the same. Share this post Link to post Share on other sites
Saran999 288 Report post Posted September 21, 2013 They where Dev department? If so then things changes... Share this post Link to post Share on other sites