Internet Explorer Browser Security Bug

Wolf

Well-Known Member
Oct 11, 2008
33,523
10,229
168
Phoenix
U.S. Government Suggests that You Switch from Internet Explorer

The U.S. Department of Homeland Security advised computer users to consider using alternatives to Microsoft Corp’s Internet Explorer browser until the company fixes a security flaw that hackers have used to launch attacks.

The United States Computer Emergence Readiness Team said in an advisory released on Monday morning that the vulnerability in versions 6 to 11 of Internet Explorer “could lead to the complete compromise of an affected system.”

BOSTON — Microsoft is rushing to fix a bug in its widely used Internet Explorer Web browser after a computer security firm disclosed a flaw over the weekend, saying hackers have already exploited it in attacks on some U.S. companies.

PCs running Windows XP will not receive any updates fixing that bug when they are released, however, because Microsoft stopped supporting the 13-year-old operating system earlier this month. Security firms estimate that between 15 and 25 percent of the world’s PCs still run Windows XP.

Microsoft disclosed on Saturday its plans to fix the bug in an advisory to its customers posted on its security website, which it said is present in Internet Explorer versions 6 to 11. Those versions dominate desktop browsing, accounting for 55 percent of the PC browser market, according to tech research firm NetMarketShare.

Cybersecurity software maker FireEye said that a sophisticated group of hackers have been exploiting the bug in a campaign dubbed “Operation Clandestine Fox.”

FireEye, whose Mandiant division helps companies respond to cyber attacks, declined to name specific victims or to identify the group of hackers, saying that an investigation into the matter is still active.

“It’s a campaign of targeted attacks seemingly against U.S.-based firms, currently tied to defense and financial sectors,” FireEye spokesman Vitor De Souza said via email. “It’s unclear what the motives of this attack group are, at this point. It appears to be broad-spectrum intel gathering.”

He declined to elaborate, though he said one way to protect against them would be to switch to another browser.

Microsoft said in the advisory that the vulnerability could allow a hacker to take complete control of an affected system, and then do things such as viewing, changing, or deleting data; installing malicious programs; or creating accounts that would give hackers full user rights.

FireEye and Microsoft have not provided much information about the security flaw or the approach that hackers could use to figure out how to exploit it, said Aviv Raff, chief technology officer of cybersecurity firm Seculert.

Yet other groups of hackers are now racing to learn more about it so they can launch similar attacks before Microsoft prepares a security update, Raff said.

“Microsoft should move fast,” he said. “This will snowball.”

Still, he cautioned that Windows XP users will not benefit from that update since Microsoft has just halted support for that product.

The software maker said in a statement to Reuters that it advises Windows XP owners to upgrade to one of two most recently versions of its operating system, Windows 7 or 8.
 

hyson

Forum Jerk
Oct 19, 2008
11,844
1,061
113
Who even uses IE anymore?

Oh, that's right, the entire Commonwealth of PA Government... and I think we're on 8 or 9, definitely not 11.
 

Channel98

Don't yell or hit.
Feb 2, 2019
11,158
6,726
168
Glendale CA
After eight years, I can finally answer Mister hyson's question. Worldwide in 2022, only 0.9% of desktops and laptops still use Internet Explorer. Microsoft's Edge, introduced in April 2015, is the default web browser for Windows 10 and Windows 11. It replaced Internet Explorer. Edge is also available for Android, iOS, macOS and Linux. Worldwide, Edge is now the second most popular desktop/laptop web browser. Google Chrome is first.

 
  • Like
Reactions: sadchild

Channel98

Don't yell or hit.
Feb 2, 2019
11,158
6,726
168
Glendale CA
A search for hyson – which sounds like a great title for a reality TV series – brings up this message: "This user's profile is not available." His last post appears to be the final post on this thread, August 2018:

 

scotchandcigar

All I wanted was some steak
Feb 13, 2009
24,723
19,728
168
Vacationland
Odd. A different board changes title of banned users to "Time Out". His just says "Forum Jerk".
That was his tagline, but I don't see his profile when I search. In any case, I'm not sure why you seem to be arguing the point.

He was banned by an administrator, probably 3 years ago. I have personal knowledge of this. I'm sure someone can corroborate if that's something you need.
 

IdRatherBeSkiing

Sherbet is NOT and NEVER WILL BE ice cream.
Oct 11, 2008
28,256
14,544
168
Toronto, ON
That was his tagline, but I don't see his profile when I search. In any case, I'm not sure why you seem to be arguing the point.

He was banned by an administrator, probably 3 years ago. I have personal knowledge of this. I'm sure someone can corroborate if that's something you need.
I am not disputing that but wonder why this forum software does not do the "Time Out" thing like the other. I think they are both the same software.
 

HecticArt

Administrator
Oct 19, 2008
50,936
18,035
168
Toledo, Ohio
He was banned? I thought he was one of the ones who stopped coming when we stopped talking politics.
Unfortunately, he did get banned.
He had a short temper at times and insulted other members.
The last incident, even after a warning, he doubled down with insults rather than letting it go. Most of the time he was fine and entertaining, but his temper got the best of him one too many times.
 
  • Like
Reactions: IdRatherBeSkiing

sadchild

Dude
Mar 28, 2016
11,925
13,613
168
54
NH
www.asimplecomplex.com
Microsoft's Edge, introduced in April 2015, is the default web browser for Windows 10 and Windows 11. It replaced Internet Explorer.
Edge was introduced in 2015, then completely scrapped -- replaced with a Chromium-based browser named.......... Edge!

Microsoft has told customers that the April cumulative update for Windows 10 — the one slated to arrive on April 13, that month's "Patch Tuesday" — will remove the original, and now outdated, Edge browser and replace it with the newer Chromium-based Edge that debuted a year ago.
 

scotchandcigar

All I wanted was some steak
Feb 13, 2009
24,723
19,728
168
Vacationland
Edge was introduced in 2015, then completely scrapped -- replaced with a Chromium-based browser named.......... Edge!

Microsoft has told customers that the April cumulative update for Windows 10 — the one slated to arrive on April 13, that month's "Patch Tuesday" — will remove the original, and now outdated, Edge browser and replace it with the newer Chromium-based Edge that debuted a year ago.
BTW, if you work for a company like mine, which combines cutting-edge technology with Mesozoic-era software and processes, you'll know about "IE Mode" for Edge. So if you have business software apps that predate the term "apps", you can keep it working with Edge, by making it act like IE. I hear this is very popular in North Korea.