Microsoft Confirms IE Fault in Google China Hack

Thats why we have firefox

anyone surprised?

Using Google Chrome

Actually, it is still googles fault. The fix was available and has been available since IE7. Its called DEP. Google was either using IE6 which does not have the feature, or IE7 and did not enable DEP, or was using IE8 and manually turned the feature off since it is active by default.

From MS security Advisory (provided above), it doesn't look like DEP can prevent this attack. Most likely the pointer can be used to alter the execution path, not a stack overflew bug.

http://www.tomshardware.com/forum/ [...] ing-images

Come on people! Vote for Change!

Doesn't sound like it was a known problem with a fix already available to me or Microsoft would not have admitted any part of the blame.

As I remember some online saying ie8 is the safest web browser out there.
can we still trust ms ie8?

lol exactly the reason why i always use firefox with two top-notch security plugins (Adblock plus and noscript).

And this is why we don't trust MS software (no matter how much MS tries to convince us they care about security)..

there is no browser out there that has zero security flaws. Admittedly, some have more than others, I don't use IE on any of my Windows machines, but that does not excuse the fact that China uses this to exercise it's censorship.
Before blaming the homeowner for not having the latest and greatest locks on his doors I would still blame the burglar first for breaking in. If we start diverting the blame onto the wrong party then good luck when you become the victim.
As I have said it before, any PC/OS and any browser is only as smart as it's user. If the user is evil, the PC becomes "evil" as well.

"a vulnerability in Internet Explorer appears to be one of several attack mechanisms that were used in highly sophisticated and targeted attacks against several companies."

But clearly, it is IE's fault exclusively.

IE kind of sucks, on a general basis, so that's the main reason I use Opera. Plus, no one is going to develop these attacks for Opera, since the market share is so low. On top of that, it's a fine browser.

I hate the IE user experience. It's typical Microsoft software - heavy handed, bloated, and buggy. I like Firefox, but, prefer Opera. I expect with Firefox getting so much market share, it might become a more attractive target.

Is it too late to let the Japanese take over China, instead of preventing it? For the life of me, I don't know why we coddle this country that is intent on undermining us. As Winston Churchill said, appeasement is like feeding a crocodile hoping he'll eat you last. We need to start making them pay for their nonsense. Otherwise, why will they stop? It's like feeding a Tiger steak, and hoping it will become a vegetarian.

IE is good for me, I'll continue to use it.

is too late to stop the japanese bombing pear harbor too. is too late to stop the american nuke japan too. is to late to know that japanese auto is better than your own. is too late that you need to borrow money from china and buying everything from china for everyday needs. is too late to know that you can;t produce your own stuff with cheap labor eventhru you are poor now. is too late to boycut the chinese product and goods cause is so cheap that you cant get it anywhere anycountry that can make it with this quality and cheap. is too late to build your own factory to made your own stuff that cheap and you will spent your money buying american product anymore. is too late to rebuild your economy now since your government try to print more money to save the market but mostly all the ceo out there willing to spent the government saving funds as Christmas bones. is too late to realize that you are been too lazy and is too late to understand that sometime too much freedom stops you moving forward. the only way to stop the chinese is not by judge how and what they can do. you should worries more about yourself too see what you can do to make yourself better. china is evil at least but they never war against any country after ww2. I guess good eastern world love war against mideast.

Dissapointing to have apparantly missed a major flaw, however, Microsoft admitted their mistake and they're workign to fix it, so I'm satisfied with the outcome.

What do you expect when MS ties their browser to the OS at the kernel level. Windows is a Swiss Cheese OS. Now flame me MS fanboys on how perfect 7 is.

Half the idiot voters in the USA are mind numb idiot lemmings and voted for change in our President from Kenya and look what it got us, Socialism.

That is a pretty bad excuse for using it. You are trading less security for being harder to find? This does not bode well if anyone deliberately targets you.

Oh no you didn't do that

http://en.wikipedia.org/wiki/Sino-Indian_War
http://en.wikipedia.org/wiki/Invas [...] 80%931951)
http://en.wikipedia.org/wiki/Sino-Vietnamese_War
http://en.wikipedia.org/wiki/Peopl [...] ang_(1949)
http://en.wikipedia.org/wiki/1987_Sino-Indian_skirmish
http://en.wikipedia.org/wiki/Chola_incident
http://en.wikipedia.org/wiki/Sino- [...] r_conflict

Know history much? Or just burying your head in the sand...

Dude, he's from Hawaii, and before you say "well all blacks are from Africa" unless you are Souix Nation or Cherokee you don't have much of an arguement.

If you read the post, you'd see it was a secondary issue, not the primary. To me, it's simply the best browser to use. You have the followers who use IE and Firefox, which I don't have a problem with, so long as they've tried the others. Some of it is personal preference, but most people have never even tried others.

I don't know how people can use IE. It's such an obnoxious browser, and it's slow. Firefox I can understand.

The main reason I use Opera is it's available on virtually any version of Windows. I was fixing a friend's PC, that was running on Windows ME. He was suffering with IE 6. Firefox doesn't support it with any recent releases, and there was a lot of things he couldn't run with Flash. So, we upgraded him to Opera, and all of the sudden his computer can run a lot more things. If I have to support computers, I'd prefer they all use the same browser since I don't have to remember 150 different things. On top of this, I just think Opera is easier to use, and better.

The frosting on the cake is market share for IE is going to create the most attacks. Firefox will start getting them too. It's the main reason - I don't worry about this type of crap at all. But, it is reality if you do worry about it. And where is it written that IE is more secure than Opera? From what I have seen, all the attacks are on IE. That's not a good reason to think it's more secure.

I'm not dissing your choice, each to their own as it were, i'm just wary of any situation that relies on "not being noticed" to be safe, not just on the internet but life in general. Life has a habit of biting you in the ass when you do that. Stay safe bro'

Life has a way of biting you in the ass not matter what you do. You no doubt know what I'm talking about. You try to do the safe thing, and it turns out to be the dangerous thing. You try to do the smart thing, and it's the dumb thing. But, I'm pretty sure that IE is riskier than Firefox and Opera. That comes with the caveat that reality is a bad joke. Who would ever have thought the quickly thrown together, and treacherous instruction set of the 8086 would become the dominant one? Need I say more?

The only thing I have figured out is, no matter what I do, my ass is going to get bitten. The only solution is to learn how to deal with a bit ass. Every time I think I am doing the right thing to avoid it - CHOMP.

this article on security http://www.ranum.com/security/comp [...] ials/dumb/ was written years ago, but the lessons have yet to be learned

Yeah, security is only as good as the weakest link in the chain, unfortunately that's us, if we click the link or .exe then it's our own damn stupid fault. That's why Microsofts UK Security chief isn't a tech-geek, he's former G-Man, cool as a cucumber, better looking moustache than Tom Selleck, FBI heavyweight Ed Gibson.
http://www.sustainability.com/abou [...] asp?id=360
He understands that behind the security attacks is the mind of a person, and behind the security protection of the users is also the mind of a person. Both sides are only as good as the person behind the keyboard. Understand the person and you can prevent the attacks. I met him at a symposium at Manchester Universitys Institute of Science & Technology (UMIST) nearly 3 years ago. Very cool guy.

si potrà anche far peccato a pensare male, eppure....secondo me google ha pensato bene prima di attaccare il governo cinese: http://bit.ly/7BOP6h

To all those of you that are so proud to use another browser: don't be so naive. I use Firefox at work and Chrome at home and I don't feel any safer. IE had a flaw that was exploited this time and it can and probably will have other flaws. I don't think any browser is impervious to attacks. If it's meant to access the internet, the internet can access it too.

That's good advice to keep in mind. MS' IE has had the most holes in the past, but it doesn't mean other software is airtight.

Man I am tired of everyone saying that it is Socialism. Your retarded. Yes he wants to socialize health care, but its not like we dont have socialist programs in place now. The public libraries, Police, Fire departments. No one threw a fit when those were socialized. Personally I dont give 2 rats asses what he has to do to fix health care, as long as its fixed.
People need health care. If you want to critisize something look at pharmacutical companies. They rape you and then pass laws so that they can turn around and do it again. Better yet critisize being able to lobby in the congress. Thats how all the big companies get laws passed whether they benifit you or not.
In conclusion, I dont care what has to happen to make health care affordable just get it done. Also quit stalling and come up with some cures to somthing. I mean the last time we cured an illness was in the 60's. Quit milking the treatment.

Don't bother, you can just tell he is set in his ways with the kind of wild eyed fanatisism against anything with politics to the left of Adolph Hitler. Probably a close relative of Joseph McCarthy. Probably only has a job because Social Security and Socialism sound similar.

The only way to get him onboard is with a huge shock to the system, like if diagnosed with cancer and his HMO tells him to jog on because his policy doesn't cover it.

One simple question, is the UK a communist state with Soviet officials and the Red Army? No. But we have the NHS. May not be a perfect system but anyone can get healthcare free at the point of service paid for via general taxation. Do we have private medical as well? Yes we do, pretty good as well. But the differance is that private medical should be a perk or a luxury that is available to those who want to pay for it, rather than an essential that is removed because you are poor.