Thanks For The Security Hole MS

This is an amazing story, I couldn’t quite believe it at first. A strange twist in the ongoing browser wars it seems. A new security flaw in Microsoft Internet Explorer can compromise the open source Mozilla Firefox browser, if it’s installed on the same Windows system. At first I thought it might be a deliberate ploy on Microsoft’s part, then I realized I was being a little too cynical and the vulnerability was probably organic. Besides, I don’t think MS have the competence to deliberately pull this off anyway 😉

Here’s the details. It’s been discovered that if a user clicks certain malicious links within their IE browser it can call Firefox via a Windows command line argument and execute remote code in the background. This is a hackers dream but experts have been quick to stress there’s no evidence of the exploit actually being used in the wild as yet. It’s been confirmed as affecting Firefox 2.0.0.4 and Mozilla have been quick to stress this will be patched in version 2.0.0.5 of the browser, due out soon. Obviously they can’t patch the flaw in IE because MS are very protective over their precious code. You might wanna check out the full details of this story in the Linux Insider article below:

CLICK HERE FOR THE FULL ARTICLE

It’s seems a little worrying to me that these sort exploits are regularly publicised in this way, often with an accompanying statement saying “don’t worry hackers don’t know about it yet”… well they didn’t know until you decided to go and tell the whole world you idiots. Tell us when you’ve patched the exploit and not before, wouldn’t that be a safer option?

In the meantime if you’re on Windows, have Firefox installed and for some reason still browse in IE you’ve been warned. Of course there is a simple solution to this vulnerability though, I think you know what I’m going to say…. an Ubuntu LiveCD, you know it makes sense 🙂

Posted in Uncategorized
One comment on “Thanks For The Security Hole MS
  1. Mick says:

    It’s amazing how you can deliver scary stuff like this, mix it with your brand of humour, and now I don’t really know whether to laugh or cack myself. It is naive though for them to think that hackers won’t find out about this stuff before tic taccers like me would.

Leave a Reply

Your email address will not be published. Required fields are marked *

*

Time limit is exhausted. Please reload the CAPTCHA.

July 2007
M T W T F S S
« Jun   Aug »
 1
2345678
9101112131415
16171819202122
23242526272829
3031  

I paid up to protect your bits. Open Rights Group.

Creative Commons

Creative Commons License
Unless otherwise stated all work is licensed under a Creative Commons Attribution-Share Alike 2.0 UK: England & Wales License.