SPARC Forums

Main Forums => Chit Chat => Topic started by: Waylon on Dec 16, 2008, 10:19:23 AM

Title: Microsoft says to "switch away from Internet Explorer NOW"
Post by: Waylon on Dec 16, 2008, 10:19:23 AM
Microsoft has begun flooding media outlets with information advising users to switch to an alternate browser (http://news.bbc.co.uk/2/hi/technology/7784908.stm)while a serious security flaw is being patched. The flaw, which affectsall versions of Microsoft Internet Explorer, is manifested via malwareand has infected over 6000 sites thus far (http://www.eweek.com/c/a/Security/Hackers-Compromise-Legit-Web-Sites-to-Target-Microsoft-IE-Flaw/).

Microsoft states: 'The vulnerability exists as an invalid pointer reference in the data-binding function (http://computerworld.com/action/article.do?command=viewArticleBasic&articleId=9123338)of Internet Explorer. When data binding is enabled (which is thedefault state), it is possible under certain conditions for an objectto be released without updating the array length, leaving the potentialto access the deleted object's memory space. This can cause InternetExplorer to exit unexpectedly, in a state that is exploitable.'"

According to the BBC report, though, Microsoft itself is only askingthat users be "vigilant while it investigated and prepared an emergencypatch"; it's outside experts who say to dump IE (at least for now).


[HIGHLIGHT=#ffff00]We recommend using Firefox: Get Firefox Now[/HIGHLIGHT]
(http://www.mozilla.com/en-US/firefox/)[/SIZE]