Re: Where is the IE zero day exploit in the news...



Imhotep <imhotep@xxxxxxxxxx> wrote in
news:59idnQa7aIKu7gvenZ2dnUVZ_t-dnZ2d@xxxxxxxxxxxx:

> I do not see warning people about a seriously critical security hole as
> being trivial. Tell that to the people that lose their credit card info
> (or whatever)....I am sure they would love to hear you explaination
> about how "trivial" it is...

While the potential for harm is there the fact is that it hasn't been
exploited and even it it were it's unlikely anyones credit card number
would be obtained.

Besides if you following Microsoft's advice and set the security on the
Internet zone to High you are not vulnerable:

http://www.microsoft.com/athome/security/online/browsing_safety.mspx

> However, it is strange that Firefox gets press for a trivial IDN
> security issue and IE gets none for a browser remote code execution
> security issue. Don't you think that is a little strange?

Firefox got market share by claiming it was 'more secure' than IE and thus
attracts more attention when it's found to be vulnerable. It's interesting
that Firefox is now downplaying the security angle in favor of a 'better
web experience'.

> It has been how long now 2 weeks and not a peep on any of the popular
> web sites....Yet the media loves to sensationalize things...still not a
> peep...

Obviously Microsoft has payed off all the major media providers;-)

> Sorry but I think their is a little political (marketing) pressure
> here....

I bet you haven't heard anything about a similar (buffer overflow could
lead to remote code exexcution) bug in Firefox 1.5 that's been around for
about a week now.

https://bugzilla.mozilla.org/show_bug.cgi?id=319004
http://packetstormsecurity.org/0512-exploits/firefox-1.5-buffer-overflow.txt

Perhaps computer security vulnerabilities are getting to be so commonplace
that the media can't be bothered to report them anymore?
.



Relevant Pages

  • RE: [Full-Disclosure] IE is just as safe as FireFox
    ... little happier running windows. ... Back on topic though, IE is no where near Firefox for security, however, ... More infinate wisdom there Rafel. ...
    (Full-Disclosure)
  • Re: OT: Computers
    ... We need a serious change in the security paradigm. ... remediate all 40 on his own weekend time just because he's the one stuck ... And Firefox alone has grabbed a *huge* chunk of Explorer's market over the past two years. ... PS: perhaps one of the shifts will be having PCs with locked hard drives that just contain the basics: the OS, a browser, etc... ...
    (rec.gambling.poker)
  • Re: Critical error 101 on MS AntiSpyware install
    ... Not to mention everyone and their brother that is on the firefox high ... low and behold - Windows Help opens up - hum, ... because the one thing that was on on my little browser was the little ... Just use windows security, and not ignore ...
    (comp.security.misc)
  • Re: Critical error 101 on MS AntiSpyware install
    ... Not to mention everyone and their brother that is on the firefox high ... low and behold - Windows Help opens up - hum, ... because the one thing that was on on my little browser was the little ... Just use windows security, and not ignore ...
    (comp.security.firewalls)
  • Re: Where is the notificiation about IE zero day vulnerablity?
    ... >> protected your Firefox web client. ... >> the popular web site written a thing about it. ... this is a serious a security hole as there ... > about how it was poised to be the one browser to finally beat Microsoft at ...
    (microsoft.public.security)