×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

IE 0-Day Flaw Used In Chinese Attack

timothy posted more than 4 years ago | from the zero-is-where-you-start-counting dept.

Internet Explorer 318

bheer writes "A zero-day attack on IE was used to carry out the cyber attack on Google and others that's been getting so much ink recently, reports The Register, quoting McAfee's CTO. While the web (and security) community has pointed out the problems with IE's many security flaws (and its sluggish update cycle) in the past, IE shows no sign of vanishing from the corporate landscape."

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

318 comments

A major security flaw in IE? (5, Funny)

XPeter (1429763) | more than 4 years ago | (#30773452)

This is unheard of!

Re:A major security flaw in IE? (4, Funny)

Monkeedude1212 (1560403) | more than 4 years ago | (#30773626)

No no no, you aren't seeing it.

Google can stay in China, or pull out, or do whatever its nefarious plan is, and now they can BLAME MICROSOFT!

Don't you know what this means?!?!?!?!?!?

Clearly this is all an elaborate ruse to market Chrome!

Re:A major security flaw in IE? (5, Funny)

Knara (9377) | more than 4 years ago | (#30773668)

Google can stay in China, or pull out,

It's far too late for Google to pull out of China. It should have known that the pulling-out method is not a reliable form of birth control, and now it needs to take responsibility for it and China's love child, Baidu.

Re:A major security flaw in IE? (-1, Troll)

Anonymous Coward | more than 4 years ago | (#30773852)

That joke was already done in the last Google China story.
It was lame that time too.

Re:A major security flaw in IE? (1)

DMiax (915735) | more than 4 years ago | (#30773868)

What is the problem if Google pulls out? What damages have they done? If anything the chinese are going to notice that it is missing and - maybe - grow some little more discomfort with the current governement that can push them to change things...

Re:A major security flaw in IE? (0, Redundant)

Anonymous Coward | more than 4 years ago | (#30773956)

gee I wish I could recycle endlessly the same joke from days ago.....

Re:A major security flaw in IE? (-1, Redundant)

Anonymous Coward | more than 4 years ago | (#30774140)

gee I wish I could recycle endlessly the same joke from days ago.....

You are [slashdot.org].

Re:A major security flaw in IE? (2, Interesting)

rtb61 (674572) | more than 4 years ago | (#30773856)

M$ profits and restricted access to the source code is the problem. Once you started dumping the closed source code onto essential technology infrastructure and only basically released the code to governments, especially those governments that oppose the concept of a modern democracy, well, guess what those governments would do with the bugs they find. Greed versus patriotism, let me guess which took the back seat in dealing with unstable undemocratic governments and corporate profits. Open source can have similar problems but then if you work hard to secure open source (considering it is a globally shared effort) whilst your victims stick with closed source you have got a major advantage, especially when major corporations peddling closed source proprietary code absolutely will not fixed bugs unless they have to, cost versus profit.

The most troublesome thing about this, does anyone believe that the government of China used the best back door bugs for this little operation or did they just use one they knew would be discovered and thwarted relatively quickly but not before they had got what they were after. I can see this getting rapidly out of hand, especially as countries shift to audited FOSS code, they have a limited 'window' of opportunity to exploit their zero day exploits.

Re:A major security flaw in IE? (1)

norpy (1277318) | more than 4 years ago | (#30774232)

Once you started dumping the closed source code onto essential technology infrastructure and only basically released the code to governments, especially those governments that oppose the concept of a modern democracy,

Are you saying that microsoft gave the chinese government the source code to IE/Windows?

Are you high? Or are you wearing a tinfoil hat?

Re:A major security flaw in IE? (0)

Anonymous Coward | more than 4 years ago | (#30774244)

Yes, yes, and yes.

Re:A major security flaw in IE? (2, Insightful)

Anonymous Coward | more than 4 years ago | (#30773644)

Just keep using mainstream Microsoft products and acting surprised when this happens. At least the rest of us can derive some amusement from your insistence that "Microsoft == high-quality" because it has a recognizable brand name.

Re:A major security flaw in IE? (0, Flamebait)

Anonymous Coward | more than 4 years ago | (#30773880)

IE should really be called IB, for Internet Bumsplorer! LOL! On Linux it would be called IC, for Internet Cripple.

Re:A major security flaw in IE? (3, Interesting)

spinkham (56603) | more than 4 years ago | (#30773918)

Honestly, there are major flaws in all browsers all the time, they're really complicated software and are the most exposed part of the computer at the moment, so lots of research is put into finding flaws.

The two continuing problems are:
1) The use of old versions. IE 6 sucks. No way around it. IE 7 sucks less, and IE 8 has a mix of good and bad things.
2) The time between updates. Some known IE bugs go patched for a long time, with about a 1 month minimum exploitation window, and often quite a bit longer. FF and especially Chrome are MUCH better about pushing out patches and getting their users to upgrade.

Re:A major security flaw in IE? (0)

Anonymous Coward | more than 4 years ago | (#30774284)

Some known IE bugs go patched for a long time,

I think you meant "unpatched".

Re:A major security flaw in IE? (1)

plover (150551) | more than 4 years ago | (#30774306)

Some known IE bugs go patched for a long time,

I think you meant "unpatched".

No, I'm pretty sure he was talking about IE.

Using Macs could have prevented this! (-1, Redundant)

Anonymous Coward | more than 4 years ago | (#30773454)

Where is your PC god NOW!

Re:Using Macs could have prevented this! (3, Insightful)

Anonymous Coward | more than 4 years ago | (#30773486)

Or a firewall.

Re:Using Macs could have prevented this! (1, Insightful)

Anonymous Coward | more than 4 years ago | (#30773554)

How exactly would a firewall prevent an IE exploit? Maybe a good one would recognize known exploits, but this clearly wasn't known.

Re:Using Macs could have prevented this! (0)

Anonymous Coward | more than 4 years ago | (#30773634)

Some firewall software, such as ZoneAlarm, monitors outgoing connections being made unexpectedly by individual processes running on the host machine, in this case, likely the malware that was installed via the exploit in the first place.

Re:Using Macs could have prevented this! (2, Interesting)

Anonymous Coward | more than 4 years ago | (#30773820)

"Personal firewalls" are utter bullshit that can be trivially bypassed by malware. I can, to give but one of many examples, inject a DLL into Internet Explorer and do all my network communication through that.

Re:Using Macs could have prevented this! (1)

ShadowRangerRIT (1301549) | more than 4 years ago | (#30774256)

And that approach is often handy; you can piggyback on the proxy settings already configured in IE.

Re:Using Macs could have prevented this! (1)

mrsteveman1 (1010381) | more than 4 years ago | (#30773962)

Some firewalls do inline malware checking

Re:Using Macs could have prevented this! (0)

Anonymous Coward | more than 4 years ago | (#30774278)

Some firewalls also download information from the future about 0Days.

Re:Using Macs could have prevented this! (2, Informative)

tacarat (696339) | more than 4 years ago | (#30773562)

Using Firefox would have prevented it and still spared the needless expense of fashionable but mediocre and overpriced hardware for basic office minion tasks.

Re:Using Macs could have prevented this! (0, Troll)

TrancePhreak (576593) | more than 4 years ago | (#30773798)

Firefox breaks on some of the things I've had to work with. Just having it installed can cause them to not work correctly also.

citation needed (1, Interesting)

Anonymous Coward | more than 4 years ago | (#30773904)

please give an example of something that breaks with firefox simply installed. on any OS.

Re:citation needed (0)

Anonymous Coward | more than 4 years ago | (#30773964)

XPS Viewer breaks with Firefox installed

Re:citation needed (0)

v1 (525388) | more than 4 years ago | (#30774056)

XPS Viewer breaks with Firefox installed

And this is a problem with Firefox, not XPS Viewer?

Re:citation needed (1)

pantherace (165052) | more than 4 years ago | (#30774196)

That's not true in the situations I've used XPS Viewer on systems with Firefox installed.

Care to clarify what you mean by breaking?

(If it actually broke, it would be a valid response, as the post was basically asking for any situation which having Firefox installed breaks something. Even if it's due to assuming default behavior or something more stupid on the part of that other application.)

Nice spin ! (0)

Anonymous Coward | more than 4 years ago | (#30774180)

Firefox has had multiple remote code vulnerabilities. As has Safari. As has Opera. Yawn.. No single piece of software is going to prevent targeted attacks. Sorry OSS cheerleaders, its true.

What I want to know is.. How the fuck did they get Google employees to click on random links in an email?!

Re:Nice spin ! (1)

ShadowRangerRIT (1301549) | more than 4 years ago | (#30774302)

Google isn't all tech heads you know. They have an HR department, a marketing department, a legal department, etc. And besides that, being a programmer doesn't mean you're necessarily familiar with good security practices. A sizable minority, if not a majority of programmers know how to code but aren't much better at general computer use than your average present day internet using teenager. Some people view it as a job, not a lifestyle, and those people tend not to actively seek out knowledge beyond the scope of their immediate responsibilities, and good security practices aren't needed to code.

Re:Using Macs could have prevented this! (3, Insightful)

Anonymous Coward | more than 4 years ago | (#30773666)

This is a reply to a -1 Redundant post about how using a Mac could have prevented this, but there's a critical known flaw for Mac, iPhone, Apple TV, etc. that hasn't been fixed [theregister.co.uk] for seven months now...

Re:Using Macs could have prevented this! (1)

zes (1544775) | more than 4 years ago | (#30774000)

Does the fact that Mozilla has patched Fx mean that I am compromised using any browser but Fx on my mac? How about Chrome?

I am just about to buy a new laptop and I think this just convinced me to go Linux.

Re:Using Macs could have prevented this! (1)

broken_chaos (1188549) | more than 4 years ago | (#30774370)

Arciemowicz said the vulnerability could be remotely exploited using booby-trapped PHP code on a website, among other methods.

What? How would 'booby-trapped PHP code' on a website crash a machine? PHP is executed on the server, not on the client. If it can be exploited with JavaScript and HTML, I'd be interested in seeing an example of that -- as opposed to a C program... yeah, okay, an exploit, but I'd have to, oh, run a program I don't trust, which is always a security flaw...

You know what this means (3, Insightful)

Arancaytar (966377) | more than 4 years ago | (#30773510)

Clearly instead of (or at least as well as) pulling out of China, Google should stop supporting MSIE.

And declare cyber-war on Microsoft. :P

Re:You know what this means (3, Insightful)

cstdenis (1118589) | more than 4 years ago | (#30773754)

Why is Google even using IE? They have their own web browser. They should be eating their own dog food.

Re:You know what this means (1)

JJJK (1029630) | more than 4 years ago | (#30774068)

At least those Google employees who are responsible for getting stuff displayed in browsers need to use all major browsers. QA people probably even use all the browsers plus most versions of those browsers. Sure, those setups will probably be automated and sandboxed, but at least up until now I don't think it seemed necessary for each developer to be that paranoid about using the latest IE for quick tests.

I'm sure that for normal browsing (not for testing purposes) most of these people use chrome.

Re:You know what this means (1)

maxume (22995) | more than 4 years ago | (#30774322)

They wouldn't need to browse random incoming links using Internet Explorer though.

Re:You know what this means (1)

ShadowRangerRIT (1301549) | more than 4 years ago | (#30774332)

If they're on the Chrome team, sure. But if it's anything like Microsoft, everyone chooses their own. While I was working at Microsoft, I browsed the company intranet with IE, but external browsing was entirely Firefox. A lot of people on my team did that. I left around when Chrome released, but I assume a few people use it too.

Re:You know what this means (3, Insightful)

Haymaker (1664103) | more than 4 years ago | (#30774342)

Why is Google even using IE? They have their own web browser. They should be eating their own dog food.

Google hardly even uses Windows AFAIK. The IE vulnerability victims are likely the people who had their accounts attacked.

Re:You know what this means (4, Interesting)

Anachragnome (1008495) | more than 4 years ago | (#30773834)

That is pure genius.

There are Sooooo many people that don't know how to find anything on the web without using Google that if Google did stop supporting IE, many of those people would start using Firefox simply to use Google. And that would be a huge foot-in-the-groin for Microsoft, even if it doesn't DIRECTLY benefit Google.

Methinks it would avoid any anti-trust issues as well.

Considering the topic of this thread, it might actually help to prevent further Chinese highjinks.

Re:You know what this means (2, Interesting)

lien_meat (1126847) | more than 4 years ago | (#30774338)

I see another scenario... Google stops supporting IE, Microsoft is justified in forcing bing as the default search on ANY IE install, all the people who just use IE cause it's installed (quite a few I believe) will use bing, and see how pretty bing is, and be seduced into thinking google is crap. (bing does look good, I prefer google though, for many reasons) So if anything, I believe a move like that would hurt them.

More than just IE (5, Informative)

FalleStar (847778) | more than 4 years ago | (#30773584)

If you bother to RTFA (I must be new here, right?) you'll see that it wasn't JUST an IE zero-day that was used in the attack.

"While we have identified the Internet Explorer vulnerability as one of the vectors of attack in this incident, many of these targeted attacks often involve a cocktail of zero-day vulnerabilities combined with sophisticated social engineering scenarios." - George Kurtz [mcafee.com]

So IE is partially to blame, but you can't just say that this is MS's fault.

Re:More than just IE (4, Insightful)

calmofthestorm (1344385) | more than 4 years ago | (#30773646)

Even if it were 100% microsoft, zero-days happen. The only problem is that with MS, they're 31 days, not zero days.

Re:More than just IE (1)

Seakip18 (1106315) | more than 4 years ago | (#30773804)

Exactly.

The attacks were targeted against specific folks, those whose computers were targeted for being compromised. "Spear Phishing"(dang that sounds stupid) is what it resolved around, they just happened to use a few zero-exploits to carry it out.

Re:More than just IE (5, Funny)

dclozier (1002772) | more than 4 years ago | (#30774078)

So IE is partially to blame, but you can't just say that this is MS's fault.

You really are new here. Of course it was all Microsoft's fault. ;)

It's not stupidity (5, Insightful)

liquiddark (719647) | more than 4 years ago | (#30773586)

Corporate users largely work on intranets, and intranets are largely supported by guys who don't have the resources a professional development team has. So corporations buy large make-your-own-adventure web-ish packages like Sharepoint, and suddenly they're locked into IE for another cycle, and the whole ugly repeats itself. It's genuinely difficult to not get locked into somebody's product stack, and Microsoft's is, on the whole, no worse than anybody else's.

Re:It's not stupidity (1)

Anonymous Coward | more than 4 years ago | (#30773730)

On the whole, they are.

Re:It's not stupidity (3, Informative)

musicalmicah (1532521) | more than 4 years ago | (#30773800)

According to TFA, this vulnerability was in IE6. Lock-in or no, you'd think they could have at least upgraded one version level up, if not two.

Re:It's not stupidity (4, Insightful)

liquiddark (719647) | more than 4 years ago | (#30773924)

You might think that, but try supporting a massive suite of web applications that all have their own browser ticks, all of which were critical for something just shy of a minute, but which are maintained because retiring one would cause one guy (who always, somehow, happens to have the necessary clout) to die of unproductivity. Until you've lived in that situation for years on end it is wise to withhold judgement.

Re:It's not stupidity (5, Informative)

yuna49 (905461) | more than 4 years ago | (#30773952)

According to TFA, this vulnerability was in IE6.

No, only IE 5.01 SP4 and IE 8 are not vulnerable without enabling "data execution prevention." The attackers apparently targeted IE 6, but nearly all other versions can be compromised.

From TFA:

"A security feature known as data execution prevention, which prevents data loaded into memory from being executed, will block the particular exploits McAfee has observed. But Kurtz warned the vulnerability exists in all versions of IE except for IE 5.01, service pack 4, and that it would be possible for attackers to work around the protection.

In an advisory, Microsoft recommended people use DEP, which by default is enabled in IE 8 but must be turned on in prior versions. The statement also advised users on Vista and later versions of Windows to run IE in protected mode. The advisory didn't say when an update would be released that patches the vulnerability."

Re:It's not stupidity (1)

Runaway1956 (1322357) | more than 4 years ago | (#30774114)

"According to TFA, this vulnerability was in IE6."

TBH, I haven't read TFA. If TFA says the vulnerability was in IE6 alone, then I think TFA errs. I've read through 3 different related articles before seeing it come up here on slashdot. The vulnerability is also in IE7 and IE8. The fix is really simple - put your IE security settings up to maximum to prevent any DirectX from running, unless you specifically approve of it.

Of course, having your security settings on max is a real hassle. On my XP virtual machine, when I download an executable, I'm asked/reminded 4 times that the file COULD BE malware. That's a lot of time. But, I don't change it. Running an executable SHOULD be a minor pain. Given the opportunity, I'd make everyone click through a half dozen warnings.

Re:It's not stupidity (4, Insightful)

Carnildo (712617) | more than 4 years ago | (#30774274)

Given the opportunity, I'd make everyone ignore a half dozen warnings.

Fixed that for you. Warning overload is one of the biggest problems facing computer security today. Since so many of the warnings the average user is bombarded with are meaningless, the genuine threats get lost in the noise and are ignored.

See also: The boy who cried "wolf".

Re:It's not stupidity (0, Flamebait)

timmarhy (659436) | more than 4 years ago | (#30773864)

try getting into bed with IBM, the darling of the OSS crowd. THEN you'll know what vendor lock in is.

Re:It's not stupidity (1, Offtopic)

awitod (453754) | more than 4 years ago | (#30774020)

SharePoint 2010 does not fully support IE 6.0. It is a down-level browser. SharePoint 2010 does fully support FireFox, Chrome, Safari, and Opera.

Just thought you'd be happy to know.

Re:It's not stupidity (1)

liquiddark (719647) | more than 4 years ago | (#30774042)

I would be delighted, if we had any likelihood of upgrading our SP installation anytime soon. Thanks for the talking point, at least.

Not IE, Adobe's PDF Reader 0 day Flaw (5, Informative)

Eyah....TIMMY (642050) | more than 4 years ago | (#30773606)

From an earlier /. article: http://arstechnica.com/security/news/2010/01/researchers-identify-command-servers-behind-google-attack.ars [arstechnica.com]

From the article in this post: The previously unknown flaw in the IE browser was probably just one of the vectors used in the attacks .
I love the "probably"

Re:Not IE, Adobe's PDF Reader 0 day Flaw (1)

Eyah....TIMMY (642050) | more than 4 years ago | (#30773632)

Ok then they post an update it might be IE. So I guess noone knows, or it depends on the contracts you have with Adobe.

Re:Not IE, Adobe's PDF Reader 0 day Flaw (2, Insightful)

pookemon (909195) | more than 4 years ago | (#30774320)

Yeah - I read that as "We don't actually know how the attack was done - but we'll go with the popular line and blame Microsoft."

Chairs... (0, Funny)

Anonymous Coward | more than 4 years ago | (#30773624)

Looks like the Chinese are doing a better job of trying to "fucking kill Google" than Ballmer can with their own software!

Re:Chairs... (0)

Anonymous Coward | more than 4 years ago | (#30773704)

Oh I'll show you!

?Senior? (1, Insightful)

Anonymous Coward | more than 4 years ago | (#30773660)

I am shocked that the "Senior tech leaders" are running IE...I thought only nubs ran that browser. It is their own fault. They should have known better. Not that FF or Chrome etc are impenetrable, but at least your chances of "Something Bad Happening" are less than 100%.

Re:?Senior? (3, Insightful)

ravenspear (756059) | more than 4 years ago | (#30773720)

I would be more concerned that senior tech leaders are actually clicking on links in malicious emails than the fact that they are running IE.

Re:?Senior? (0, Interesting)

Anonymous Coward | more than 4 years ago | (#30774006)

Some of us don't have a stick up our ass about using MS products. Some of us have never gotten a virus. Some of us are smart enough not to download ever bit of malware that has a purple ape attached to it.

Re:?Senior? (5, Insightful)

Runaway1956 (1322357) | more than 4 years ago | (#30774168)

And, "some of us" find these posts amusing. The FACT is, Microsoft products are the primary vector for every malware known to man.

Using your logic, we should go back to dumping sewerage in the streets. I mean, yeah, it's kinda nasty, but plenty of people lived to be old aged in medieval Europe, right? They were probably the people who didn't click on purple apes too. Just forget about that plague thing. Over-hyped nonsense.

Attacks targeted IE6 (1, Redundant)

1sockchuck (826398) | more than 4 years ago | (#30773670)

From the McAfee writeup: "So far the attacks we've seen using this vector have been focused on Internet Explorer 6." The stupid but obvious question: why are people at these companies using IE6?

internal shit (0)

Anonymous Coward | more than 4 years ago | (#30773802)

lame software for travel expense reporting

other lame software for time cards

All vendors of such products are evil scum in need of torture.

An obvious solution is available for people nerdy enough to handle the concept of a virtual machine. VMWare player is even free, though the XP license is not. Getting non-nerds to deal with a VM is impossible.

Re:Attacks targeted IE6 (0)

Anonymous Coward | more than 4 years ago | (#30774104)

Because they have no choice. They spent millions of dollars on bespoke or proprietary intranet software that will work with nothing else. In fact, such software is STILL SOLD.

Re:Attacks targeted IE6 (1)

SoapBox17 (1020345) | more than 4 years ago | (#30774252)

The IT department at my company actually refuses to allow anything newer than IE 6 because of security concerns. (Seriously.)

Chinese govt inspection of MSFT code? (5, Interesting)

SillyValley (1721474) | more than 4 years ago | (#30773692)

I recall MSFT allowed the Chinese government to look at Windows source code a few years back. I wonder if the vulnerable IE6/7/8 code was part of the code provided to the Chinese government, but IE5.4 (not vulnerable to the latest attack, apparently) didn't include the problem code? This is something that can be checked. It could be an indication of whether the Chinese used the source code inspection as a road map to identify vulnerabilities for attacks like these.

Re:Chinese govt inspection of MSFT code? (1)

timmarhy (659436) | more than 4 years ago | (#30774022)

i think it's an indication that just having the code will not protect you. unless your in the business of developing software, having open source is utterly meaningless.

Re:Chinese govt inspection of MSFT code? (4, Interesting)

cbhacking (979169) | more than 4 years ago | (#30774080)

It is worth noting that unless you specifically exclude IE8 from DEP (or disable DEP globally) then it is not vulnerable to this attack. You can also enable DEP (either via opt-in or by switching the default behavior system-wide to opt-out) for the previous IE versions.

Nonetheless, it's possible that the vulnerability was discovered in the manner you suggest. I'm not sure they saw the IE8 code, but if the same vulnerability is used on all versions it's probably in code that hasn't changed in a while.

Not PDFs? (3, Insightful)

gumbo (88087) | more than 4 years ago | (#30773716)

I've heard that PDFs were used, and that's the one that sounds the most logical. Whenever I've seen attacks against my network from the Chinese, it's always been in the form of malicious spear-phished PDFs.

Whatever they actually used against Google, there's not one easy solution. You can't just say that they should have used Firefox, because then the attackers would have exploited some random Firefox add-on that some people were using. I'm sure Google employees use every browser out there throughout the company. Keeping Acrobat Reader fully patched and keeping your users alert and well-trained would probably stop a lot of it, but not all.

Re:Not PDFs? (3, Interesting)

Anachragnome (1008495) | more than 4 years ago | (#30773912)

"Keeping Acrobat Reader fully patched and keeping your users alert and well-trained would probably stop a lot of it, but not all."

I can't help but wonder if Firefox AND Foxit would have prevented this.

Re:Not PDFs? (5, Insightful)

biryokumaru (822262) | more than 4 years ago | (#30774062)

I know, why isn't the solution ever "Use an alternative PDF viewer?" Instead of "Update Adobe Acrobat to another version filled with gaping security flaws."

Re:Not PDFs? (1)

QuantumG (50515) | more than 4 years ago | (#30773994)

Ever click on a link in Acrobat Reader? Notice that it starts up IE and not whatever browser you have installed?

That's what happened.. of course the clicking on the link part was likely done with another flaw in Acrobat.

Leveraging flaws like this to get arbitrary code execution is about the only indication that these attackers were sophisticated.. otherwise it would just have been a dumb old "don't open the attachment idiot" attack. Although it was that, so meh, they're not that sophisticated.

Um, why are people at google using IE? (2, Insightful)

Trailer Trash (60756) | more than 4 years ago | (#30773768)

Seriously - makes no sense.

For the lulz. (1)

mister_playboy (1474163) | more than 4 years ago | (#30773978)

Maybe for the same reason that Slashdot uses a 3Dified version of the IE5 logo as an icon for Internet Explorer?... and this on a website where people bitch endlessly about IE6, let alone something even more ancient...

They did it for the lulz.

Re:Um, why are people at google using IE? (0)

Anonymous Coward | more than 4 years ago | (#30774018)

sharepoint, which is a POS in of it's self.

Re:Um, why are people at google using IE? (1)

Cassius Corodes (1084513) | more than 4 years ago | (#30774122)

People at google are not using IE - People who use google products like gmail use IE. They are the ones that got really owned. Google itself did not get completely owned (if you trust Google's narrative).

Re:Um, why are people at google using IE? (1)

D H NG (779318) | more than 4 years ago | (#30774206)

Not all Google employees are engineers. About half of the employees use Goobuntu. The rest use Windows and Macs.

No real fix... (5, Interesting)

Aoet_325 (1396661) | more than 4 years ago | (#30773872)

Sadly, microsoft doesn't seem to have anything you can do to fix this.
http://www.microsoft.com/technet/security/advisory/979352.mspx [microsoft.com]
It's seems all they advise will only reduce your odds of getting hit (by helping protect against the methods they've seen used to exploit it) and reducing the damage done after IE runs the malicious code on your system.

What they should be suggesting is that people not use IE on the internet (if possible) until this is fixed.

'0 day' exploits are everywhere. What matters to me is that once discovered they are quickly patched or at the very least, a work around that actually prevents exploitation is provided.

I'd be interested to know more about the social engineering aspect of this attack. Was this more of the usual attempts (something that really should have been caught by anyone who knows better than to open random attachments and click links from strangers) or was there something much more involved that allowed the attackers to gain sufficient trust that any one of us would have likely fallen for this. Did the attackers spend months building a strong level of trust with the people at these companies or did someone click an on E-card?

Re:No real fix... (1)

dave562 (969951) | more than 4 years ago | (#30774280)

I'd be interested to know more about the social engineering aspect of this attack.

I would think that aspect of this would be obvious. They obviously received an email from an ancient Tibetian monk who recently came into a large supply of enlightenment pills, but needs help getting them out of the country. The attached PDF document contained all of the information regarding the pills, but the recipients were encouraged to act quickly as enlightenment is a valued treasure of the Chinese culture and supplies might not last.

No sign of vanishing (2, Informative)

enharmonix (988983) | more than 4 years ago | (#30773938)

IE shows no sign of vanishing from the corporate landscape

I work at a big company that takes an enormous number of precautions to secure and protect the confidential information of millions of people. And we still use IE6 with no sign of changing any time soon.

Re:No sign of vanishing (0)

Anonymous Coward | more than 4 years ago | (#30774228)

I second that at my company (VOIP Provider) its the same thing. Posted anonymously for obvious reasons.

Hold on this makes no sense. (0)

Anonymous Coward | more than 4 years ago | (#30774024)

I though browser vulnerabilities were supposed to be damaging to the person using the browser, not the other way around. If a "flaw" in a browser allows one to hack a site, I consider that a feature, not a vulnerability. Sounds like the flaw is in the server, not the browser.

Slashdot uses ink? (0)

Anonymous Coward | more than 4 years ago | (#30774050)

E-ink, mayyybe.

mo3 up (-1, Offtopic)

Anonymous Coward | more than 4 years ago | (#30774154)

fatal mistakes, The project as a 1sn't a lemonade save Linux Jfrom a community. The paranoid conspiracy the top. Or were, Are a few good

China is a major IT threat ! (3, Interesting)

fluffy99 (870997) | more than 4 years ago | (#30774326)

Make no mistake, China is agressively attacking foreign systems and common software. They are stockpiling these zero-day exploits as potential weapons. They use one until it's discovered and patched, then wait until they have another high priority and then unwrap the next one.

When you see Symantec or Microsoft reporting an "undisclosed source" on new vulnerabilities, it's usually our own government that reported it after investigating a compromise. It's damn scary just how far the Chinese have wormed into the US corporate and military systems. For now they are content to quietly steal data and technology, but we're in deep shit if China decides to turn malicious. They have the power to level the US financial systems, military supply lines, utilities, etc which would quickly ruin the US. The reason they have not? It's not that they're scared of the US retaliating in kind - they clearly have the upper hand on that front. They need us to continue leeching our dollars and tech.

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...